bash-3.00# man shadow
Reformatting page.  Please Wait... done

File Formats                                            shadow(4)

NAME
     shadow - shadow password file

DESCRIPTION
     /etc/shadow is an access-restricted ASCII system  file  that
     stores  users'  encrypted passwords and related information.
     The shadow file can be used in conjunction with other shadow
     sources,   including   the   NIS   maps   passwd.byname  and
     passwd.byuid and the NIS+ table  passwd.  Programs  use  the
     getspnam(3C) routines to access this information.

     The fields for each user entry are separated by colons. Each
     user  is  separated  from  the next by a newline. Unlike the
     /etc/passwd file, /etc/shadow does  not  have  general  read
     permission.

     Each entry in the shadow file has the form:

     username:password:lastchg:min:max:warn:inactive:expire:flag

     The fields are defined as follows:

     username        The user's login name (UID).

     password        An encrypted password for the user generated
                     by crypt(3C), a lock string to indicate that
                     the login is not accessible, or  no  string,
                     which  shows  that  there is no password for
                     the login.

                     The lock string is defined as  *LK*  in  the
                     first four characters of the password field.

     lastchg         The number of days between January 1,  1970,
                     and  the  date  that  the  password was last
                     modified. The lastchg  value  is  a  decimal
                     number, as interpreted by atol(3C).

     min             The minimum number of days required  between
                     password  changes. This field must be set to
                     0 or above to enable password aging.


# cat /etc/shadow         
daemon:NP:6445::::::
bin:NP:6445::::::
sys:NP:6445::::::
adm:NP:6445::::::
lp:NP:6445::::::
uucp:NP:6445::::::
nuucp:NP:6445::::::
smmsp:NP:6445::::::
listen:*LK*:::::::
gdm:*LK*:::::::
webservd:*LK*:::::::
postgres:NP:::::::
svctag:*LK*:6445::::::
nobody:*LK*:6445::::::
noaccess:*LK*:6445::::::
nobody4:*LK*:6445::::::
abc:N4SPCMZaN71JE:14991::91::::
# bash



bash-3.00# passwd abc
New Password:
Re-enter new Password:
passwd: password successfully changed for abc


bash-3.00# cat /etc/shadow |grep abc
abc:ZfS8vlA6FtmL2:15062::91::::
bash-3.00#

该文件中每三个字段对应的就是1970年元旦后的天数，可以使用命令passwd -s abc来查看abc用户的口令修改时间了，当然，如果没有shadow文件，则需要pwconv命令生成了