Linux - /etc/shadow (Secure user information)

1 - About

/etc/shadow is a text file that contains secure user information such as:

  • and account expiration information

The public user information are stored in the /etc/passwd file.

The shadow file is readable only by the root account

It's used by the standard Unix authentication mechanism. See the PAM module PAM_UNIX

3 - Format

One line by user where fields are separated by : colon characters


Field Short description Long
userName username max 8 character, the username that matches the username of /etc/passwd
password password 13 character encrypted
* A blank entry (eg. ::) indicates a password is not required to log in
* A * indicates the account has been disabled.
* !! or ! : no password has been given (the account is locked)
10063 last password change the number of days (since January 1, 1970) since the password was last changed.
0 days until change allowed The number of days before password may be changed (0 indicates it may be changed at any time)
99999 days before change required 99999 indicates user can keep his or her password unchanged for many, many years
7 days warning for expiration The number of days to warn user of an expiring password (7 for a full week)
days before account inactive The number of days after password expires that account is disabled
date when account expires The number of days since January 1, 1970 that an account has been disabled
reserved for future use A reserved field for possible future use

4 - Documentation / Reference

Data Science
Data Analysis
Data Science
Linear Algebra Mathematics

Powered by ComboStrap