Operation and Maintenance
Linux Operation and Maintenance
Which directory in Linux stores passwords?
Which directory in Linux stores passwords?
The "/etc" directory of Linux stores passwords. The "/etc" directory is used to store the main configuration files of the system, such as user account and password files. There are two files for storing passwords: 1. shadow file, which is used to store the password information of users in the system; 2. gshadow file. Used to store password information for group users in the system.
#The operating environment of this tutorial: linux5.9.8 system, Dell G3 computer.
The "/etc" directory of Linux stores passwords.
Linux etc is used to store the main configuration files of the system, such as user account and password files, starting files for various services, etc. Generally speaking, the attributes of each file in this directory can be General users can check it, but only root has the right to modify it.
There are two files in the "/etc" directory that store passwords
1. Shadow file
/etc/shadow file is used to store the password information of users in the Linux system, also known as "shadow file".
There is a passwd file in etc., which stores the basic information of all users in the system. However, because this file is allowed to be read by all users, it can easily lead to the leakage of user passwords. Therefore, the Linux system stores the user’s password information. Separated from the /etc/passwd file and placed in this file alone.
/etc/shadow file only the root user has read permissions, and other users do not have any permissions, thus ensuring the security of user passwords.
Note that if the permissions of this file are changed, you need to pay attention to whether it is a malicious attack.
Each line in the /etc/shadow file represents a user, and ":" is also used as the delimiter. The difference is that each line of user information is divided into 9 fields. The meaning of each field is as follows:
用户名:加密密码:最后一次修改时间:最小修改时间间隔:密码有效期:密码需要变更前的警告天数:密码过期后的宽限时间:账号失效时间:保留字段
Next, I will introduce these 9 fields to you.
1) The user name
has the same meaning as the user name in the /etc/passwd file.
2) Encrypted password
What is saved here is the truly encrypted password. Currently, Linux passwords use the SHA512 hash encryption algorithm, which originally used the MD5 or DES encryption algorithm. The SHA512 hash encryption algorithm provides a higher level of encryption and is more secure.
Note that the garbled characters generated by this string of passwords cannot be modified manually. If modified manually, the system will not be able to recognize the password, causing the password to become invalid. Many software use this function to add "!", "*" or "x" before the password string to temporarily invalidate the password.
The passwords of all pseudo users are "!!" or "*", which means you cannot log in without a password. Of course, if a newly created user does not set a password, its password item will also be "!!", which means that the user does not have a password and cannot log in.
3) Last modification time
This field indicates the time when the password was last modified. However, why does the root user display 15775?
This is because Linux calculates the date by taking January 1, 1970 as 1 and accumulating the time. By January 1, 1971, it will be 366 days. 15775 days are displayed here, that is to say, the root user password was changed by this root account on the 15775th day after January 1, 1970.
So, which day does 15775 represent? You can use the following command to convert:
[root@localhost ~]# date -d "1970-01-01 15775 days" 2013年03月11日 星期一 00:00:00 CST
You can see that through the above command, it can be converted to the system date we are used to.
4) Minimum modification time interval
Minimum modification interval time, that is to say, this field specifies the start from the 3rd field (the date of the last password modification) , how long the password cannot be changed. If it is 0, the password can be changed at any time; if it is 10, it means that the password cannot be changed again within 10 days after the password is changed.
This field is designed to prevent some people from frequently changing their account passwords.
5) Password validity period
It is a good habit to change passwords frequently. In order to force users to change passwords, this field can specify the distance from the 3rd field (the last password change) How long does it take to change the password again, otherwise the account password will expire.
The default value of this field is 99999, which is 273 years, which can be considered as permanent. If changed to 90, it means that the password must be changed again after 90 days, otherwise the user will expire. When managing the server, use this field to force users to change their passwords regularly.
6) The number of warning days before the password needs to be changed
Compared with the 5th field, when the account password validity period is about to expire, the system will issue a warning message to the account , reminding users "Your password will expire in n days, please reset your password as soon as possible!".
The default value of this field is 7, which means that starting from the 7th day before the password is valid, the system will issue a "change password" warning message to the account every time you log in.
7) Number of grace days after password expiration
也称为“口令失效日”,简单理解就是,在密码过期后,用户如果还是没有修改密码,则在此字段规定的宽限天数内,用户还是可以登录系统的;如果过了宽限天数,系统将不再让此账户登陆,也不会提示账户过期,是完全禁用。
比如说,此字段规定的宽限天数是 10,则代表密码过期 10 天后失效;如果是 0,则代表密码过期后立即失效;如果是 -1,则代表密码永远不会失效。
8)账号失效时间
同第 3 个字段一样,使用自 1970 年 1 月 1 日以来的总天数作为账户的失效时间。该字段表示,账号在此字段规定的时间之外,不论你的密码是否过期,都将无法使用!
该字段通常被使用在具有收费服务的系统中。
9)保留
这个字段目前没有使用,等待新功能的加入。
忘记密码怎么办
经常有读者会忘记自己的账户密码,该怎么处理呢?
对于普通账户的密码遗失,可以通过 root 账户解决,它会重新给你配置好指定账户的密码,而不需知道你原有的密码(利用 root 的身份使用 passwd 命令即可)。
如果 root 账号的密码遗失,则需要重新启动进入单用户模式,系统会提供 root 权限的 bash 接口,此时可以用 passwd 命令修改账户密码;也可以通过挂载根目录,修改 /etc/shadow,将账户的 root 密码清空的方法,此方式可使用 root 无法密码即可登陆,建议登陆后使用 passwd 命令配置 root 密码。
2、gshadow文件
组用户信息存储在 /etc/group 文件中,而将组用户的密码信息存储在 /etc/gshadow 文件中。
gshadow文件中,每行代表一个组用户的密码信息,各行信息用 ":" 作为分隔符分为 4 个字段,每个字段的含义如下:
组名:加密密码:组管理员:组附加用户列表
1)组名
同 /etc/group 文件中的组名相对应。
2)组密码
对于大多数用户来说,通常不设置组密码,因此该字段常为空,但有时为 "!",指的是该群组没有组密码,也不设有群组管理员。
3)组管理员
从系统管理员的角度来说,该文件最大的功能就是创建群组管理员。那么,什么是群组管理员呢?
考虑到 Linux 系统中账号太多,而超级管理员 root 可能比较忙碌,因此当有用户想要加入某群组时,root 或许不能及时作出回应。这种情况下,如果有群组管理员,那么他就能将用户加入自己管理的群组中,也就免去麻烦 root 了。
不过,由于目前有 sudo 之类的工具,因此群组管理员的这个功能已经很少使用了。
4)组中的附加用户
该字段显示这个用户组中有哪些附加用户,和 /etc/group 文件中附加组显示内容相同。
相关推荐:《Linux视频教程》
The above is the detailed content of Which directory in Linux stores passwords?. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1386
52
How to use docker desktop
Apr 15, 2025 am 11:45 AM
How to use Docker Desktop? Docker Desktop is a tool for running Docker containers on local machines. The steps to use include: 1. Install Docker Desktop; 2. Start Docker Desktop; 3. Create Docker image (using Dockerfile); 4. Build Docker image (using docker build); 5. Run Docker container (using docker run).
Difference between centos and ubuntu
Apr 14, 2025 pm 09:09 PM
The key differences between CentOS and Ubuntu are: origin (CentOS originates from Red Hat, for enterprises; Ubuntu originates from Debian, for individuals), package management (CentOS uses yum, focusing on stability; Ubuntu uses apt, for high update frequency), support cycle (CentOS provides 10 years of support, Ubuntu provides 5 years of LTS support), community support (CentOS focuses on stability, Ubuntu provides a wide range of tutorials and documents), uses (CentOS is biased towards servers, Ubuntu is suitable for servers and desktops), other differences include installation simplicity (CentOS is thin)
What to do if the docker image fails
Apr 15, 2025 am 11:21 AM
Troubleshooting steps for failed Docker image build: Check Dockerfile syntax and dependency version. Check if the build context contains the required source code and dependencies. View the build log for error details. Use the --target option to build a hierarchical phase to identify failure points. Make sure to use the latest version of Docker engine. Build the image with --t [image-name]:debug mode to debug the problem. Check disk space and make sure it is sufficient. Disable SELinux to prevent interference with the build process. Ask community platforms for help, provide Dockerfiles and build log descriptions for more specific suggestions.
How to view the docker process
Apr 15, 2025 am 11:48 AM
Docker process viewing method: 1. Docker CLI command: docker ps; 2. Systemd CLI command: systemctl status docker; 3. Docker Compose CLI command: docker-compose ps; 4. Process Explorer (Windows); 5. /proc directory (Linux).
What computer configuration is required for vscode
Apr 15, 2025 pm 09:48 PM
VS Code system requirements: Operating system: Windows 10 and above, macOS 10.12 and above, Linux distribution processor: minimum 1.6 GHz, recommended 2.0 GHz and above memory: minimum 512 MB, recommended 4 GB and above storage space: minimum 250 MB, recommended 1 GB and above other requirements: stable network connection, Xorg/Wayland (Linux)
Detailed explanation of docker principle
Apr 14, 2025 pm 11:57 PM
Docker uses Linux kernel features to provide an efficient and isolated application running environment. Its working principle is as follows: 1. The mirror is used as a read-only template, which contains everything you need to run the application; 2. The Union File System (UnionFS) stacks multiple file systems, only storing the differences, saving space and speeding up; 3. The daemon manages the mirrors and containers, and the client uses them for interaction; 4. Namespaces and cgroups implement container isolation and resource limitations; 5. Multiple network modes support container interconnection. Only by understanding these core concepts can you better utilize Docker.
What is vscode What is vscode for?
Apr 15, 2025 pm 06:45 PM
VS Code is the full name Visual Studio Code, which is a free and open source cross-platform code editor and development environment developed by Microsoft. It supports a wide range of programming languages and provides syntax highlighting, code automatic completion, code snippets and smart prompts to improve development efficiency. Through a rich extension ecosystem, users can add extensions to specific needs and languages, such as debuggers, code formatting tools, and Git integrations. VS Code also includes an intuitive debugger that helps quickly find and resolve bugs in your code.
vscode cannot install extension
Apr 15, 2025 pm 07:18 PM
The reasons for the installation of VS Code extensions may be: network instability, insufficient permissions, system compatibility issues, VS Code version is too old, antivirus software or firewall interference. By checking network connections, permissions, log files, updating VS Code, disabling security software, and restarting VS Code or computers, you can gradually troubleshoot and resolve issues.
