Question
What do all of the numbers in the /etc/shadow file mean?
Answer
While there are several articles online about this, you can find the answer at the source: the "man" page for shadow. To view the man page, run the following command via SSH or Terminal:
man shadow
Here is the section that's relevant to this article:
shadow manipulates the contents of the shadow password file, /etc/shadow. The structure in the
#include file is:
struct spwd {
    char *sp_namp;              /* user login name */
    char *sp_pwdp;              /* encrypted password */
    long int sp_lstchg;         /* last password change */
    long int sp_min;            /* days until change allowed. */
    long int sp_max;            /* days before change required */
    long int sp_warn;           /* days warning for expiration */
    long int sp_inact;          /* days before account inactive */
    long int sp_expire;         /* date when account expires */
    unsigned long int sp_flag;  /* reserved for future use */
}
The meanings of each field are:
· sp_namp - pointer to null-terminated user name
· sp_pwdp - pointer to null-terminated password
· sp_lstchg - days since Jan 1, 1970 password was last changed
· sp_min - days before which password may not be changed
· sp_max - days after which password must be changed
· sp_warn - days before password is to expire that user is warned of pending password expiration
· sp_inact - days after password expires that account is considered inactive and disabled
· sp_expire - days since Jan 1, 1970 when account will be disabled
· sp_flag - reserved for future use
So, given the following entry, let's break it down:
root:$HASH/:18360:0:99999:7:::
Username - root
Encrypted password - $HASH
Days since last password change - 18360 (at the time of this article's writing, 18,360 days ago was in 1970, so this means the password was never changed, since this is a new server)
Minimum days before the password can be changed - 0
Days after which password must be changed - 99999
Days before user is warned of password expiration - 7
Days before account is inactive and disabled - unset
Days since Jan 1, 1970 when password expires - unset
Last section is unused - unset
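The field layout above can be checked mechanically. The following Python sketch is an added example, not code from this article or from the shadow package: it splits an entry into the nine spwd fields, converts the "days since Jan 1, 1970" values into calendar dates as the man page defines them, and reports password-aging state for a given day. The alice entry is constructed for illustration, and the exact boundary days (> versus >=) are assumptions of this example.

```python
from datetime import date, timedelta

FIELDS = ("sp_namp", "sp_pwdp", "sp_lstchg", "sp_min", "sp_max",
          "sp_warn", "sp_inact", "sp_expire", "sp_flag")
EPOCH = date(1970, 1, 1)

def parse_shadow_line(line):
    """Split one entry into the nine spwd fields; empty numeric fields -> None."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}")
    entry = dict(zip(FIELDS, parts))
    for name in FIELDS[2:]:
        entry[name] = int(entry[name]) if entry[name] else None
    return entry

def days_to_date(days):
    """Convert a 'days since Jan 1, 1970' value to a calendar date."""
    return None if days is None else EPOCH + timedelta(days=days)

def audit(entry, today):
    """List aging findings for one parsed entry as of `today`.
    Boundary days (> vs >=) are this example's assumption."""
    findings = []
    changed = days_to_date(entry["sp_lstchg"])
    if changed is not None and entry["sp_max"] is not None:
        due = changed + timedelta(days=entry["sp_max"])
        if today > due:
            findings.append(f"password expired on {due}")
            inact = entry["sp_inact"]
            if inact is not None and today > due + timedelta(days=inact):
                findings.append("account inactive")
        elif (entry["sp_warn"] is not None
              and today >= due - timedelta(days=entry["sp_warn"])):
            findings.append(f"password change due by {due}")
    expire = days_to_date(entry["sp_expire"])
    if expire is not None and today >= expire:
        findings.append(f"account disabled since {expire}")
    return findings

# The article's entry, plus a constructed one with every aging field set.
ROOT = parse_shadow_line("root:$HASH/:18360:0:99999:7:::")
ALICE = parse_shadow_line("alice:$HASH:18360:0:90:7:14:18500:")

if __name__ == "__main__":
    print("root last change:", days_to_date(ROOT["sp_lstchg"]))
    for day in (date(2020, 7, 1), date(2020, 7, 25), date(2020, 9, 1)):
        print(day, audit(ALICE, day))
```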