Linux /etc/shadow file

From Thomas-Krenn-Wiki
Jump to navigation Jump to search

Passwords for local users are stored in Linux in the /etc/shadow file (shadow-file).

Each line in this file contains eight fields separated by colons (":"). The meaning of each field is as follows: 

USERNAME:PASSWORD:LASTCHANGE:MINAGE:MAXAGE:WARN:INACTIVE:EXPDATE

Passwords are stored as hash values. The first characters indicate which hash algorithm is used:

  • $1$ -> Message Digest 5 (MD5)
  • $2a$ -> blowfish
  • $2y$ –> Eksblowfish
  • $5$ -> 256-bit Secure Hash Algorithm (SHA-256)
  • $6$ -> 512-bit Secure Hash Algorithm (SHA-512)
  • $y$ (or $7$) -> yescrypt
  • none of the above means DES

Author: Werner Fischer

Werner Fischer, working in the Knowledge Transfer team at Thomas-Krenn, completed his studies of Computer and Media Security at FH Hagenberg in Austria. He is a regular speaker at many conferences like LinuxTag, OSMC, OSDC, LinuxCon, and author for various IT magazines. In his spare time he enjoys playing the piano and training for a good result at the annual Linz marathon relay.


Translator: Alina Ranzinger

Alina has been working at Thomas-Krenn.AG since 2024. After her training as multilingual business assistant, she got her job as assistant of the Product Management and is responsible for the translation of texts and for the organisation of the department.


Related articles

ATA exception Emask
Show article
Cockpit Web Console
Show article
Linux performance counters with perf and perf-tools
Show article