User and Group Configuration Files Explained

Key Concepts

• /etc/passwd
• /etc/shadow
• /etc/group
• /etc/gshadow

/etc/passwd

The /etc/passwd file stores essential information about users on a Linux system. Each line in this file represents a user and contains seven fields separated by colons:

• Username
• Password (usually an 'x' indicating the password is stored in /etc/shadow)
• User ID (UID)
• Group ID (GID)
• User ID Info (comment field)
• Home directory
• Login shell

Example: john:x:1000:1000:John Doe,,,:/home/john:/bin/bash

/etc/shadow

The /etc/shadow file contains the encrypted passwords and additional account information for users. This file is more secure and accessible only to the root user. Each line contains nine fields:

• Username
• Encrypted password
• Last password change
• Minimum password age
• Maximum password age
• Password warning period
• Password inactivity period
• Account expiration date
• Reserved field

Example: john:$6$randomsalt$encryptedpassword:18273:0:99999:7:::

/etc/group

The /etc/group file stores information about groups on the system. Each line represents a group and contains four fields:

• Group name
• Group password (usually an 'x' indicating the password is stored in /etc/gshadow)
• Group ID (GID)
• Group members (comma-separated list of users)

Example: developers:x:1001:john,jane

/etc/gshadow

The /etc/gshadow file contains encrypted passwords and administrative information for groups. This file is also accessible only to the root user. Each line contains four fields:

• Group name
• Encrypted group password
• Group administrators (comma-separated list of users)
• Group members (comma-separated list of users)

Example: developers:$6$randomsalt$encryptedpassword:john:john,jane