bash-3.00# man shadow
Reformatting page. Please Wait... done
File Formats shadow(4)
NAME
shadow - shadow password file
DESCRIPTION
/etc/shadow is an access-restricted ASCII system file that
stores users' encrypted passwords and related information.
The shadow file can be used in conjunction with other shadow
sources, including the NIS maps passwd.byname and
passwd.byuid and the NIS+ table passwd. Programs use the
getspnam(3C) routines to access this information.
The fields for each user entry are separated by colons. Each
user is separated from the next by a newline. Unlike the
/etc/passwd file, /etc/shadow does not have general read
permission.
Each entry in the shadow file has the form:
username:password:lastchg:min:max:warn:inactive:expire:flag
The fields are defined as follows:
username The user's login name (UID).
password An encrypted password for the user generated
by crypt(3C), a lock string to indicate that
the login is not accessible, or no string,
which shows that there is no password for
the login.
The lock string is defined as *LK* in the
first four characters of the password field.
lastchg The number of days between January 1, 1970,
and the date that the password was last
modified. The lastchg value is a decimal
number, as interpreted by atol(3C).
min The minimum number of days required between
password changes. This field must be set to
0 or above to enable password aging.
# cat /etc/shadow
daemon:NP:6445::::::
bin:NP:6445::::::
sys:NP:6445::::::
adm:NP:6445::::::
lp:NP:6445::::::
uucp:NP:6445::::::
nuucp:NP:6445::::::
smmsp:NP:6445::::::
listen:*LK*:::::::
gdm:*LK*:::::::
webservd:*LK*:::::::
postgres:NP:::::::
svctag:*LK*:6445::::::
nobody:*LK*:6445::::::
noaccess:*LK*:6445::::::
nobody4:*LK*:6445::::::
abc:N4SPCMZaN71JE:14991::91::::
# bash
bash-3.00# passwd abc
New Password:
Re-enter new Password:
passwd: password successfully changed for abc
bash-3.00# cat /etc/shadow |grep abc
abc:ZfS8vlA6FtmL2:15062::91::::
bash-3.00#
该文件中每三个字段对应的就是1970年元旦后的天数,可以使用命令passwd -s abc来查看abc用户的口令修改时间了,当然,如果没有shadow文件,则需要pwconv命令生成了
阅读(588) | 评论(0) | 转发(0) |