Information about /etc/shadow file in Linux/Unix

The /etc/shadow file contains the password in encrypted format. It contains the information about user password.

Here, we will need to notice that /etc/passwd file contains the information about the user and /etc/shadow file contains the information about the user password.

This file contains the username, user password in encrypted format, last password change, etc.

The /etc/passwd file contains the information as shown below

[root@SOC01 ~]# cat /etc/shadow

root:x:0:0:root:/root:/bin/bash

bin:x:1:1:bin:/bin:/sbin/nologin

daemon:x:2:2:daemon:/sbin:/sbin/nologin

adm:x:3:4:adm:/var/adm:/sbin/nologinlp:*:14789:0:99999:7:::

sync:*:14789:0:99999:7:::

shutdown:*:14789:0:99999:7:::

halt:*:14789:0:99999:7:::

mail:*:14789:0:99999:7:::

uucp:*:14789:0:99999:7:::

operator:*:14789:0:99999:7:::

games:*:14789:0:99999:7:::

gopher:*:14789:0:99999:7:::

ftp:*:14789:0:99999:7:::

nobody:*:14789:0:99999:7:::

usbmuxd:!!:15582::::::

shashank:$6$8ExtOSsV$fMEDgsIA5dIyFE56cbBfLkePl.udw7LDMY68jj912VqAwvz/gs7h3rU1s6Y

ldap:!!:15654:0:99999:7:::
ldapuser:$6$P/kWJv9S$v3XhBrO9nSf9Cu05yW4QmfA7s26mSuMHyGRg05f5Bp.MReKjnzFlqLIf3pp

This file contains 8 fields separated by colon (:)

1st field:           Contains the username

2nd field:          This field contains the password in encrypted format

3rd field:           It contains the last password change since 1 Jan 1970

4th field:           The minimum number of days before the password change

5th field:           The maximum number of days before the password change

6th field:           This field contains the warning message before password expires. The user is requested to change the password.

7th field:           The number of days after password expires
8th field:           This field contains when the user account disables and user can no longer be used.

chage command is used to modify the filed in /etc/shadow file.

!! means password never set
! In second column if first word is ! which means that account is locked