In Linux, user information is stored in /etc/passwd and the password in /etc/shadow. In this post, I will discuss password storage in Red Hat Enterprise Linux 5.x. On a Linux system where a user named vishesh exists, the entry in /etc/shadow is as below
The 2nd column of the line above is the password; note that the columns are separated by a colon (:). The 2nd field is as below
The 2nd column is further divided into three sections, each separated by $.
The first field of the 2nd column is 1, which denotes that the password is stored in MD5 format. If you analyse a RHEL6 system, you will find the value 6 in place of 1, which denotes SHA512.
The 2nd field of the 2nd column is the salt. The salt can be any random value. There is a separate salt for each entry stored in /etc/shadow. In our case the salt is QcuAEvix ($QcuAEvix$ in shadow).
The 3rd field is the encoded password; the encoding is performed using the salt and the actual password. A Linux system does not store the actual password. Instead, the password is processed with the salt and the result is stored in /etc/shadow. The most important feature of the encoded password is that it can't be reversed into the actual password using the salt. The encoding in this case is a one-way process.
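The field layout described above, as an added example that is not part of the original post: a small parser that splits a shadow entry into scheme, salt and encoded password, and lists the accounts still stored as MD5. It goes slightly beyond the post by also handling entries with no hash (`*`, `!!`) and the optional `rounds=` parameter; the sample lines are constructed, the hash parts are placeholders, and the function names and the choice to flag MD5 are assumptions of this example.

```python
# Added example: split a shadow entry the way the post describes.
# Sample lines are constructed; the hash parts are placeholders, not real digests.
SCHEMES = {"1": "MD5", "5": "SHA256", "6": "SHA512"}  # crypt(3) scheme ids
WEAK = {"MD5"}  # schemes this example flags in an audit (an assumption)

SAMPLE_SHADOW = """\
vishesh:$1$QcuAEvix$PLACEHOLDERHASHVALUE00:15000:0:99999:7:::
alice:$6$rounds=5000$c0nstructedSalt$PLACEHOLDERSHA512HASH:15000:0:99999:7:::
daemon:*:15000:0:99999:7:::
bob:!!:15000:0:99999:7:::
"""


def parse_shadow_line(line):
    """Return a dict describing the password field of one /etc/shadow line."""
    fields = line.rstrip("\n").split(":")      # columns are colon-separated
    if len(fields) < 2:
        raise ValueError("not a shadow entry: %r" % line)
    user, pw = fields[0], fields[1]
    entry = {"user": user, "scheme": None, "salt": None, "hash": None}
    if not pw.startswith("$"):
        # '*', '!', '!!' or empty: the field holds no hash to split
        entry["scheme"] = "no-hash"
        return entry
    parts = pw.split("$")[1:]                  # drop the empty string before the first $
    if len(parts) == 4 and parts[1].startswith("rounds="):
        parts = [parts[0], parts[2], parts[3]]  # skip the optional rounds parameter
    if len(parts) != 3:
        raise ValueError("unexpected password field for %s" % user)
    scheme_id, entry["salt"], entry["hash"] = parts
    entry["scheme"] = SCHEMES.get(scheme_id, "unknown(%s)" % scheme_id)
    return entry


def audit(shadow_text):
    """List users whose stored password uses a scheme in WEAK."""
    lines = [l for l in shadow_text.splitlines() if l.strip()]
    return [e["user"] for e in map(parse_shadow_line, lines) if e["scheme"] in WEAK]


if __name__ == "__main__":
    for line in SAMPLE_SHADOW.splitlines():
        print(parse_shadow_line(line))
    print("MD5 accounts:", audit(SAMPLE_SHADOW))
```
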
You can generate a shadow-format password using the openssl command. The following command generates a random salt and a salted password
Remember that the last word of the command is -1 (one means MD5)