October 01, 2015

The contents of /etc/shadow

❑ /etc/shadowThis is separated from /etc/passwd to encrypt the password. In the past, the password information was a second field in the /etc/passwd. It is synchronized with /etc/passwd file.

❑ /etc/shadow format(CentOS)
[Login name]:$[Hash type]$[Salt]$[Hashed password]:[Data of last password change]:[Minimum]:[Maximum]:[Warn]:[Inactive]:[Expire]:[Reserve]

[Minimum] : Minimum number of days for using the password.
[Maximum] : Maximum number of days for using the password.
[Warn] : The number of days to warn the user before the password expires.
[Inactive] : The number of days that login is available so far after password expires.
[Expire] : Account expire date.
[Reserve] : Currently unused.


※ 1. Check passwd(Link)
2. Check shadow man page(Link)

※ Hash type
$0 : DES
$1 : MD5
$2 : Blowfish
$5 : SHA-256
$6 : SHA-512