Shulou(Shulou.com)06/01 Report--

How to interpret / etc/shadow file related fields, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain for you in detail, people with this need can come to learn, I hope you can gain something.

/ etc/shadow file is the shadow file of / etc/passwd, which is not generated by / etc/passwd, and the two files should be corresponding and complementary. Shadow content includes the user and the encrypted password and other information that / etc/passwd cannot include, such as the validity period of the user. This file can only be read and manipulated with root permissions as follows:

# ls-l / etc/shadow

-Rmurmuri-1 root root 1256 08-08 05:01 / etc/shadow

The permissions of / etc/shadow cannot be casually changed to be readable by other users, which is dangerous. If you find that the permissions of this file have become readable to other user groups or users, check to prevent system security problems.

Content analysis of / etc/shadow

The content of the / etc/shadow file consists of 9 segments, each of which is separated by a: sign

The first field: the user name (also known as the login name). In / etc/shadow, the user name and / etc/passwd are the same, thus associating the user records used in passwd and shadow; this field is not empty

Second field: password (encrypted), this field is not empty

The third field: the time when the password was last changed; this time is the interval between January 01, 1970 and the last time the password was changed (days). You can change the user's password through passwd, and then check the changes in this field in / etc/shadow.

Fourth field: the minimum number of days between two password changes; if the value of this field is empty, the account is permanently available

Fifth field: the maximum number of days between two password changes; if the value of this field is empty, the account is permanently available

Sixth field: how many days in advance warn the user that the password will expire; if the value of this field is empty, the account will be permanently available

Seventh field: how many days after the password expires to disable this user; if the value of this field is empty, the account is permanently available

Eighth field: user expiration date; this field specifies the number of days the user has been invalidated (days since January 1, 1970). If the value of this field is empty, the account will be permanently available.

Field 9: reserved field, currently empty for future development

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.