You are reading the article How Linux Stores And Manages User Passwords updated in September 2023 on the website Dacvumuahe.com. We hope that the information we have shared is helpful to you. If you find the content interesting and meaningful, please share it with your friends and continue to follow and support us for the latest updates. Suggested October 2023 How Linux Stores And Manages User Passwords
Have you wondered how Linux efficiently manages a multi-user environment? In this article we explain how Linux stores and manages user passwords and logins.Exploring /etc/passwd file
The “/etc/passwd” is one of the most important files that stores user details.
Let us create another user for whom some telephone numbers have been stored. The user “pluto” is added to the system using the adduser command.
Looking at the “etc/passwd” file again, we can view the complete information for the user “pluto.” The field which has a comma-separated list of full name and numbers is called as “GECOS field.”
Whenever a user is created, values of the home directory and default shell that need to be assigned are specified in the “/etc/adduser.conf” file.
User IDs for created users begin from 1000 and run up to 59999.
The user “carbon” was able to view the entries of the “/etc/passwd” file simply by using the cat command. Let us take a look at its permissions.
Only the “root” user can write to the file. Other users can only read the file. Since this file is readable by everyone, it is not ideal to store passwords here. Instead it is stored in another file called “/etc/shadow.”Exploring the /etc/shadow File
Now let us try to view the stored password for users “carbon” and “pluto” in the”/etc/shadow” file.
Taking a look at the permissions for the “/etc/shadow” file, we can see that only the “root” user can read and write to the file. Also only members of the group “shadow” can read the file. In reality, the “shadow” group is empty but is syntactically required for this file.
$6 : the hashing algorithm used. Here is the list of potential hashing algorithms.
$1 : MD5
$2a : Blowfish
$2y : Eksblowfish
$5 : SHA-256
$6 : SHA-512
$JvWfZ9u. : salt value.
$yGFIqOJ.... : hashed password.
The resulting hash value is stored as the encrypted password for a user. The salt value is unique for every user. Even if two users have the same plaintext password, using a unique salt would generate a unique hash value.
The last seven fields pertaining to password validity are collectively said to hold information about “Password Aging Policy.”
The default values corresponding to “Password Aging Policy” are specified in the “/etc/login.defs” file. These values can be altered for a user using the change command.What about group information?
User information and passwords are stored in the “/etc/passwd” and “/etc/shadow” files. Likewise, group information is stored in the “/etc/group” file.
Highlighted above are groups belonging to users “carbon” and “pluto.” When a user is created in Linux, that user is immediately assigned to a group with the same name as the user name.
Members of a group can share a group password, too, for group-related activities. The value of x indicates that the password information for that group would be in the “/etc/gshadow” file.
However, access to “/etc/gshadow” is restricted to the “root” user.Putting it all together
When a user wishes to log in, the hash of the typed password is found using that user’s salt value in “/etc/shadow.” Then it is compared with the stored hash. If the values match, the user is granted access.
Divya divides her time between speculating the existence of aliens and writing about her technical findings.
Subscribe to our newsletter!
Our latest tutorials delivered straight to your inbox
Sign up for all newsletters.
You're reading How Linux Stores And Manages User Passwords
Update the detailed information about How Linux Stores And Manages User Passwords on the Dacvumuahe.com website. We hope the article's content will meet your needs, and we will regularly update the information to provide you with the fastest and most accurate information. Have a great day!