Explain the different parts of a passwd file in
Linux/Unix.
Ans
passwd is a tool on
most Unix and Unix-like operating systems used to change a
user's password. The password entered by the user is run through
a key derivation function to create a hashed version of the
new password, which is saved. Only the hashed version is stored; the entered
password is not saved for security reasons.
When the user logs on, the password entered by the user
during the log on process is run through the same key derivation function and
the resulting hashed version is compared with the saved version. If the hashes
are identical, the passwords are considered to be identical, and so the
user is authenticated. In theory, it is possible for two different
passwords to produce the same hash. However, cryptographic hash
functions are designed in such a way that finding any password that produces
the given hash is very difficult and practically infeasible, so if the produced
hash matches the stored one, the user can be authenticated.
The passwd command may be used to change passwords for local
accounts, and on most systems, can also be used to change passwords managed in
a distributed authentication mechanism such as NIS, Kerberos,
or LDAP.
The /etc/passwd file is a text-based database of
information about users that may log in to the system or
other operating system user identities that own running processes.
In many operating systems this file is just one of many
possible back-ends for the more general passwd name service.
The file's name originates from one of its initial functions
as it contained the data used to verify passwords of user accounts.
However, on modern Unix systems the security-sensitive password
information is instead often stored in a different file using shadow
passwords, or other database implementations.
The /etc/passwd file typically has file system
permissions that allow it to be readable by all users of the system (world-readable),
although it may only be modified by the superuser or by using a few
special purpose privileged commands.
The /etc/passwd file is a text file with
one record per line, each describing a user account. Each record
consists of seven fields separated by colons. The ordering of
the records within the file is generally unimportant.
The Linux password file is located in /etc. The password
file has all the information you need to know about a user, such as the
username, UID, GID, etc. There is a saying: if a beginner in Linux is able to
create an entry in the passwd file and create a user without using the useradd command,
he can do anything he wants on a Linux box. There are
7 fields in total in the /etc/passwd file, separated by the delimiter ":", as
described below.
surendra:x:1000:1000:Surendra home:/home/surendra:/bin/bash
   1     2  3    4         5             6            7
1) User login name: The login ID
of the user.
2) Password: Specifies where the
password is located (in the /etc/passwd file or the /etc/shadow file).
This field may contain either of the following:
a) x, which shows that the password for the corresponding user
is stored in encrypted form in the /etc/shadow file
b) or an encrypted password, if the shadow file has been reverted back.
3) UID: User identification number
used by the system to know who the user is.
4) GID: Group ID, the number used
by the system to identify the user's primary group.
5) Comment: Used for giving
some information about the account/user.
6) User home directory: The home directory of
the user, where he lands when he logs in.
7) Default shell: The shell used for
executing commands.
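The seven-field layout and the two cases for field 2 described above can be checked mechanically. The following Python sketch is an added example, not code from the original post: it parses records and reports any account whose password hash sits in the world-readable /etc/passwd instead of /etc/shadow. The handling of an empty field and of "*" or "!" values follows standard passwd(5) behaviour and is not described on this page; all sample records except the first are constructed.

```python
from collections import namedtuple

PasswdEntry = namedtuple("PasswdEntry", "login password uid gid comment home shell")

def parse_line(line):
    """Split one /etc/passwd record into its seven colon-separated fields."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != 7:
        raise ValueError(f"expected 7 fields, got {len(parts)}")
    login, password, uid, gid, comment, home, shell = parts
    return PasswdEntry(login, password, int(uid), int(gid), comment, home, shell)

def password_location(entry):
    """Classify field 2: where this account's password is kept."""
    if entry.password == "x":
        return "shadow"          # hash is in /etc/shadow
    if entry.password == "":
        return "empty"           # no password required
    if entry.password[0] in "*!":
        return "locked"          # not a valid hash; password login disabled
    return "hash-in-passwd"      # hash sits in the world-readable file

def audit(text):
    """Return (login, finding) pairs for records that need attention."""
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        try:
            entry = parse_line(line)
        except ValueError as exc:
            findings.append((line.split(":")[0], f"malformed: {exc}"))
            continue
        where = password_location(entry)
        if where in ("empty", "hash-in-passwd"):
            findings.append((entry.login, where))
    return findings

# Constructed sample records (only the first one appears on this page).
SAMPLE = """\
surendra:x:1000:1000:Surendra home:/home/surendra:/bin/bash
legacy:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:1001:1001:Old account:/home/legacy:/bin/bash
guest::1002:1002:Guest:/home/guest:/bin/sh
broken:x:1003:/home/broken:/bin/bash
"""

if __name__ == "__main__":
    for login, finding in audit(SAMPLE):
        print(f"{login}: {finding}")
```

To audit a real system, pass the contents of /etc/passwd to audit() instead of SAMPLE.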