Example Shadow File:
root@(none):/# cat /etc/shadow
root:$1$NJi50Ceq$H2TXojQhmmD/lS.I41mSp1:0:0:99999:7:::
root:$1$g1UlaVkd$ZNIs8OXZmUK.QQxY7IoAN/:0:0:99999:7:::
daemon:*:0:0:99999:7:::
ftp:*:0:0:99999:7:::
network:*:0:0:99999:7:::
nobody:*:0:0:99999:7:::
root@(none):/# cat /etc/passwd
root❌0:0:root:/root:/bin/ash
user❌1000:1000:user:/home/user:/bin/ash
daemon:*:1:1:daemon:/var:/bin/false
ftp:*:55:55:ftp:/home/ftp:/bin/false
network:*:101:101:network:/var:/bin/false
nobody:*:65534:65534:nobody:/var:/bin/false
fields
- username
- salt and hashed password
- days since epoch of last password change
- days until a change is allowed
- days before a change is required
- days warning for expiration
- days before account is inactive
- days since epoch when account expires
- reserved
more on the salt/hashed password
$id$salt$hash
- [MD5](/Crypto/Hash Functions/MD5)
2a. [Blowfish](/Crypto/Symmetric Encryption/Blowfish)
- [SHA-256](/Crypto/Hash Functions/SHA2)
- [SHA-512](/Crypto/Hash Functions/SHA2)
MD5 Crypt Password:
>>> mkpasswd -m md5 password
$1$2ucwSK2M$Mvo.3AdWy247mr.2Vqcic0
bcrypt Password:
>>> mkpasswd -m bcrypt password
$2b$05$KbGHzDiJsLH7ShEmmjO8e.WA9VYY64.iBWtHUUivXsIVGPBo16on2
bcrypt-a Password:
>>> mkpasswd -m bcrypt-a password
$2a$05$IGf08OKmBXUneMNl3mTKuOX.3iAZWP1UvL22y6o2r9A1lex/YORWu
SHA-256 Crypt Password:
>>> mkpasswd -m sha-256 password
$5$0NSW8xlNeLRniso3$EnevOMAGMXUeqx18SCcJhitkTVqIB9xpf9fqfoGt2q3
SHA-512 Crypt Password:
>>> mkpasswd -m sha-512 password
$6$Pm.e0h7RhDJnNL8x$i..AXNeDDHcll99pX5BRmP7t4Wlw16gHnZNDUsNiKMtguhQllF7hdEFBh5bde2tYLdoPXHy1CptNlK96HXJux0
GOST Crypt Password:
>>> mkpasswd -m gost-yescrypt password
$gy$j9T$RtNypMvru5pIwX6SliJNh1$lFB6IYlTmY5ho51kiCymMudEtryeX1BajRiv0XF4OAC