Debianhelp.co.uk

 Password, Shadow and Group files Description in Linux

What is Password file?

The passwd file is a text file that contains a list of the system's accounts, giving for each account some useful information such as user ID, group ID, home directory and shell. Often, it also contains the encrypted passwords for each account. It should have general read permission (many utilities, like ls, use it to map user IDs to user names), but write access only for the superuser.

What is Shadow file?

The shadow file contains the encrypted password information for users' accounts and, optionally, the password aging information.

What is Group file?

The group file is an ASCII file which defines the groups to which users belong. There is one entry per line, and each line has the format shown under /etc/group below.

All three files are located in the /etc directory; each one is described in detail below.

 /etc/passwd

There is one entry per line, and each line has the format:

Password file format

account:password:UID:GID:GECOS:directory:shell

The /etc/passwd file consists of user records, one to a line. Each record contains multiple fields, separated by colons (:). The fields are:

  • username
  • encrypted password (or x if shadow passwords are in use)
  • UID
  • default GID
  • real name (also known as the GECOS field)
  • home directory
  • default shell

See the passwd file man page for more details.

/etc/shadow

Shadow file format

smithj:Ep6mckrOLChF.:10063:0:99999:7:::

If shadow passwords are being used, the /etc/shadow file contains users' encrypted passwords and other information about the passwords. Its fields are colon-separated as for /etc/passwd, and are as follows:

  • username
  • encrypted password
  • Days since Jan 1, 1970 that password was last changed
  • Days before password may be changed
  • Days after which password must be changed
  • Days before password is to expire that user is warned
  • Days after password expires that account is disabled
  • Days since Jan 1, 1970 that account is disabled
  • A reserved field

The password expiry related fields are modified by the chage program.

See the shadow file man page for more details.
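
An added example, not part of the original page: a short Python check that parses the passwd and shadow formats described above, flags entries a reviewer would want to look at, and converts the shadow day counts to dates. The sample files are constructed (only the smithj shadow line is taken from this page), and the function names are hypothetical.

```python
from datetime import date, timedelta

EPOCH = date(1970, 1, 1)

# Constructed sample files; only the smithj shadow line comes from this page.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
smithj:x:1001:1001:John Smith:/home/smithj:/bin/bash
legacy:Ep6mckrOLChF.:1002:1002:Old account:/home/legacy:/bin/sh
toor:x:0:0:second root:/root:/bin/sh
guest::1003:1003:Guest:/home/guest:/bin/sh
"""
SHADOW = """\
root:*:10063:0:99999:7:::
smithj:Ep6mckrOLChF.:10063:0:99999:7:::
toor::10063:0:99999:7:::
"""

def parse(text, nfields):
    """Split colon-separated records; drop lines with the wrong field count."""
    rows = (line.split(":") for line in text.splitlines() if line.strip())
    return [r for r in rows if len(r) == nfields]

def audit(passwd_text, shadow_text):
    """Return (account, problem) pairs for risky passwd/shadow entries."""
    shadow = {r[0]: r[1] for r in parse(shadow_text, 9)}
    findings = []
    for name, pw, uid, *_ in parse(passwd_text, 7):
        if uid == "0" and name != "root":
            findings.append((name, "UID 0 on a non-root account"))
        if pw == "x":                      # password lives in /etc/shadow
            if name not in shadow:
                findings.append((name, "no shadow entry"))
            elif shadow[name] == "":
                findings.append((name, "empty password in shadow"))
        elif pw == "":
            findings.append((name, "empty password in passwd"))
        elif pw[0] not in "*!":            # '*' and '!' mark a locked field
            findings.append((name, "password hash in world-readable passwd"))
    return findings

def aging(shadow_line):
    """Turn the day counts of one shadow record into calendar dates."""
    f = shadow_line.split(":")
    changed = EPOCH + timedelta(days=int(f[2]))
    return changed, changed + timedelta(days=int(f[4]))

if __name__ == "__main__":
    for finding in audit(PASSWD, SHADOW):
        print(*finding, sep=": ")
    print(aging("smithj:Ep6mckrOLChF.:10063:0:99999:7:::"))
```

On a real system, pass the contents of /etc/passwd and /etc/shadow instead of the samples; reading /etc/shadow requires superuser rights.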

 /etc/group

There is one entry per line, and each line has the format:

Group file format

group_name:passwd:GID:user_list

The /etc/group file consists of group records, one to a line. Each record contains multiple fields, separated by colons (:). The fields are:

  • group name
  • encrypted group password (or x if shadow passwords are in use)
  • GID
  • group members' usernames, comma-separated

See the group file man page for more details.