Quote:
Originally Posted by ncsuapex
/etc/passwd
/etc/shadow
|
Run the following test:
1) assume 'john' is your username
2) grep john /etc/shadow
you will see a hash value
do it again, you will see the same value
3) passwd
and change your password (or not, you can retype the same password even)
issue line 2 again, you will see a new hash
What is strange to note though, and I had never realised this before now, is that the hash changes, even if the password doesn't!
The password CAN be stored in the /etc/passwd file as well, so you could also check to see if you see a hash in it, by issuing:
4) grep john /etc/passwd
If you see an 'x' after your name (eg: 'john:x:') that means the password shadow file is used. There are other meaningful exressions in that field, but there also may be the hash itself.
google passwd shadow and have a look around