Linux - /etc/shadow (Secure user information)


/etc/shadow is a text file that contains secure user information such as:

  • and account expiration information

The public user information are stored in the /etc/passwd file.

The shadow file is readable only by the root account

It's used by the standard Unix authentication mechanism. See the PAM module PAM_UNIX


One line by user where fields are separated by : colon characters

Field Short description Long
userName username max 8 character, the username that matches the username of /etc/passwd
password password 13 character encrypted
* A blank entry (eg. ::) indicates a password is not required to log in
* A * indicates the account has been disabled.
* !! or ! : no password has been given (the account is locked)
10063 last password change the number of days (since January 1, 1970) since the password was last changed.
0 days until change allowed The number of days before password may be changed (0 indicates it may be changed at any time)
99999 days before change required 99999 indicates user can keep his or her password unchanged for many, many years
7 days warning for expiration The number of days to warn user of an expiring password (7 for a full week)
days before account inactive The number of days after password expires that account is disabled
date when account expires The number of days since January 1, 1970 that an account has been disabled
reserved for future use A reserved field for possible future use

Documentation / Reference

Powered by ComboStrap