Saturday, August 16, 2014

Linux shadow and passwd files - an introduction

A user's credentials and password-related information are maintained in the shadow file in Linux. Reading the file requires root permission. It has the following construction:

username : hashed passwd with salt and type : last passwd change day : minimum days to change passwd : max passwd lifetime : warning period : grace period : account expire day

The day values above are relative to the last passwd change day (itself counted from the epoch, 01/01/1970) and the max passwd lifetime. They can be changed as required. In the grace period, a user is asked to change the passwd as soon as s/he logs in, whereas in the warning period, which is calculated from the max passwd lifetime, the user is just shown a warning message saying when the passwd will expire. The account expire day (the account lock day) is the day after which the user is not allowed to log in. There are several utilities which can be used with appropriate options to manipulate these entries in the shadow file.
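As an added example (not part of the original post), the Python sketch below splits a shadow entry into the fields listed above and converts the day counts into calendar dates, which is handy when auditing password aging. The sample entries are constructed, and the scheme names for the hash type prefix are taken from crypt(3) rather than from this post.

```python
from datetime import date, timedelta

EPOCH = date(1970, 1, 1)
# Field names follow the layout given in this post.
FIELDS = ("username", "hash", "last_change", "min_days", "max_days",
          "warn_days", "grace_days", "expire_day")
# crypt(3) scheme ids that prefix the hash field as $id$salt$hash
SCHEMES = {"1": "MD5", "5": "SHA-256", "6": "SHA-512", "y": "yescrypt"}

def parse_shadow_line(line):
    """Split one shadow entry into the eight fields; empty numbers become None."""
    parts = line.rstrip("\n").split(":")
    if len(parts) < len(FIELDS):
        raise ValueError("expected at least 8 colon-separated fields")
    entry = dict(zip(FIELDS, parts))  # any trailing extra field is ignored
    for key in FIELDS[2:]:
        entry[key] = int(entry[key]) if entry[key] else None
    return entry

def hash_scheme(hash_field):
    """Name the hash type, or report that no usable password hash is set."""
    if hash_field.startswith("$") and hash_field.count("$") >= 3:
        return SCHEMES.get(hash_field.split("$")[1], "unknown")
    return "no usable hash"  # e.g. '*' or a leading '!'

def aging_dates(entry):
    """Convert the day counts into calendar dates (None where unset)."""
    def day(n):
        return EPOCH + timedelta(days=n) if n is not None else None
    def add(a, b):
        return a + b if a is not None and b is not None else None
    expires = add(entry["last_change"], entry["max_days"])
    warn = entry["warn_days"]
    return {
        "last_change": day(entry["last_change"]),
        "password_expires": day(expires),
        "warning_starts": day(add(expires, -warn if warn is not None else None)),
        "grace_ends": day(add(expires, entry["grace_days"])),
        "account_expires": day(entry["expire_day"]),
    }

# Constructed sample entries (not real accounts or hashes)
SAMPLE = ["alice:$6$examplesalt$examplehash:16298:1:90:7:14:16800:",
          "daemon:*:16298:0:99999:7:::"]

if __name__ == "__main__":
    for line in SAMPLE:
        e = parse_shadow_line(line)
        print(e["username"], hash_scheme(e["hash"]), aging_dates(e))
```
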

A passwd file is a file which stores user information. It has the following construction:

username : user id : group id : full name : home dir : shell

The last field, shell, is the default shell given to the user after login, and home dir is the user's home directory.

The wording above is meant only to convey the basic information. More information will come in a follow-up blog post with references.

