Linux: How is the password stored, salted and hashed securely?

In early Unix systems the password hashes lived in /etc/passwd. That file has to be world-readable (every program that maps a UID to a user name reads it), so any local user could copy the hashes and guess passwords offline at leisure.

After a user is created, an entry is recorded in /etc/passwd with an ‘x’ in the second column in place of the actual password hash.

$ useradd timmy

$ cat /etc/passwd
timmy:x:1002:1003::/home/timmy:/bin/sh

For security reasons the hashes now live in /etc/shadow, which is readable only by root (so the commands below are run as root). What is stored there is a hash, not an encrypted password: there is no key, and the original cannot be recovered from it, only guessed and checked. Right after useradd no password has been set, so the password field holds a placeholder that can never match any hash. Red Hat writes !! and Debian writes !; an account whose field starts with ! or * cannot log in with a password at all.

$ cat /etc/shadow

timmy:!!:15870:0:99999:7:::

To set the password, run:
$ passwd timmy

We set the password for this user to ‘jimmy’ and look at the shadow file again:

$ cat /etc/shadow
timmy:$1$KaO8EWvi$WGT82UrL6aPgzf66u35D00:15870:0:99999:7:::

The string stored in the second column is not a plain MD5 of “jimmy”.

It is an MD5-crypt hash, the crypt(3) scheme identified by the $1$ prefix: the password and a random salt are fed through 1000 rounds of MD5 and the result is written out in crypt's own base64-like alphabet. The salt is generated by the system at the moment the password is set, so two users with the same password get different hashes, and a table of precomputed hashes built for one salt is useless against another. Note that $1$ is simply what passwd produced on the system used here; current distributions default to SHA-512 crypt ($6$) or yescrypt ($y$), which are far more expensive to brute-force, and the prefix always tells you which scheme a given entry uses.

To understand the structure of the stored string, we can break it into four parts:

$1$ – the scheme identifier: MD5-crypt ($5$ would mean SHA-256 crypt, $6$ SHA-512 crypt, $y$ yescrypt, $2b$ bcrypt)

KaO8EWvi – the 8-character salt generated by the system

$ – separator between the salt and the hash

WGT82UrL6aPgzf66u35D00 – the 22-character encoded hash (6 bits per character, carrying the 128-bit MD5 result)
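As an added example (this is not code from the original post), the following Python parses the shadow entry shown above, splits the $1$ string into the parts just listed, and reimplements MD5-crypt on top of hashlib so that the hash can be regenerated from the salt and a candidate password. The shadow line is the one from the post; the function names, the constant-time comparison helper and the second salt used for contrast are this example's own.

```python
import hashlib
import hmac

# Shadow entry copied verbatim from the post's cat /etc/shadow output.
PAGE_SHADOW_LINE = "timmy:$1$KaO8EWvi$WGT82UrL6aPgzf66u35D00:15870:0:99999:7:::"

# crypt(3)'s base64 alphabet; it is not the RFC 4648 alphabet.
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

SHADOW_FIELDS = ("name", "password", "last_change", "min_days", "max_days",
                 "warn_days", "inactive_days", "expire", "reserved")


def parse_shadow_line(line):
    """Split one shadow(5) record into its nine colon-separated fields."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != len(SHADOW_FIELDS):
        raise ValueError("a shadow entry has exactly nine fields")
    return dict(zip(SHADOW_FIELDS, fields))


def parse_crypt_hash(value):
    """Split '$id$[params$]salt$hash'. An empty field, or one starting with
    '!' or '*', holds no usable hash: the account cannot log in by password."""
    if value == "" or value[0] in "!*":
        return {"locked": True, "raw": value}
    parts = value.split("$")          # ['', id, [params...], salt, hash]
    if len(parts) < 4 or parts[0] != "":
        raise ValueError("not a crypt(3) style hash")
    return {"locked": False, "scheme": parts[1], "params": parts[2:-2],
            "salt": parts[-2], "digest": parts[-1]}


def _to64(value, n):
    """Emit n characters of six bits each, least significant group first."""
    out = ""
    for _ in range(n):
        out += ITOA64[value & 0x3F]
        value >>= 6
    return out


def md5crypt(password, salt):
    """Poul-Henning Kamp's MD5-crypt ($1$), reimplemented from the public
    algorithm. password is bytes; salt is the bare salt or a full $1$ string,
    of which at most 8 characters (up to the next '$') are used."""
    if salt.startswith("$1$"):
        salt = salt[3:]
    salt = salt.split("$")[0][:8]
    salt_b = salt.encode()
    ctx = hashlib.md5(password + b"$1$" + salt_b)
    alt = hashlib.md5(password + salt_b + password).digest()
    remaining = len(password)
    while remaining > 0:              # one byte of alt per byte of password
        ctx.update(alt[:min(remaining, 16)])
        remaining -= 16
    bit = len(password)
    while bit:                        # per bit of the length: NUL or first byte
        ctx.update(b"\x00" if bit & 1 else password[:1])
        bit >>= 1
    final = ctx.digest()
    for i in range(1000):             # the stretching loop that makes it slow
        c = hashlib.md5()
        c.update(password if i & 1 else final)
        if i % 3:
            c.update(salt_b)
        if i % 7:
            c.update(password)
        c.update(final if i & 1 else password)
        final = c.digest()
    f = final                         # bytes are emitted in a shuffled order
    digest = (_to64((f[0] << 16) | (f[6] << 8) | f[12], 4)
              + _to64((f[1] << 16) | (f[7] << 8) | f[13], 4)
              + _to64((f[2] << 16) | (f[8] << 8) | f[14], 4)
              + _to64((f[3] << 16) | (f[9] << 8) | f[15], 4)
              + _to64((f[4] << 16) | (f[10] << 8) | f[5], 4)
              + _to64(f[11], 2))
    return "$1$" + salt + "$" + digest


def verify_md5crypt(stored, password):
    """Re-hash the candidate with the stored salt; compare in constant time."""
    info = parse_crypt_hash(stored)
    if info["locked"] or info["scheme"] != "1":
        return False
    return hmac.compare_digest(md5crypt(password, info["salt"]), stored)


if __name__ == "__main__":
    entry = parse_shadow_line(PAGE_SHADOW_LINE)
    print(parse_crypt_hash(entry["password"]))
    print("page hash matches 'jimmy':", verify_md5crypt(entry["password"], b"jimmy"))
    # Same password, two salts: the outputs share nothing, which is the point.
    print(md5crypt(b"jimmy", "KaO8EWvi"))
    print(md5crypt(b"jimmy", "zzzzzzzz"))
```

The verify function does what pam_unix does through crypt(3): it reads the scheme and salt out of the stored string, hashes the candidate the same way and compares the two strings, so no secret key is needed anywhere. Running the script prints the same password hashed under a second salt, which shows why the salt defeats precomputed tables.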

To learn more about password authentication in Linux, see the pam_unix(8), shadow(5) and crypt(3) manual pages:
$ man pam_unix
$ man 5 shadow
$ man 3 crypt


Written by kurinchilamp
