The second field in shadow file contains encrypted password as well as other information. The file is readable by root only and the fields include the following:
1) username (usually up to 8 characters and case sensitive. Direct match to /etc/passwd)
2) encrypted password (13 characters)
3) The number of days since 1st Jan 1970 since the password has been last changed.
4) The number of days before password may be changed. If you see a '0', you can change any time.
5) The number of days after which the password must be changed. If you see 99999, no change is needed forever.
6) The number of days before to warn user of an imminent password expiry.
7) The number of days after password expiry that the account is disabled.
8) The number of days since 1st Jan 1970 that this account is disabled.
9) Last field is reserved. Not used at this moment.
More details on how to read the 2nd field?
- If you have blank entry, though is a bad idea but this mean that you do not need password to log in.
- If you have a '*' entry, this means the account is disabled. User cannot log in.
- If you have a '!' entry, this means the account is disabled as well. Use cannot log in.
- if you have a "!!" entry, this mean the account has never been used yet. User has not log in before and cannot log in.
Tuesday, December 29, 2009
Deciphering second field in shadow file in RHEL
Labels:
LinuxAdmin
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment