Why is there an
the password field (field 2) of the previous example? When Unix was
originally designed, the /etc/passwd file stored
a user’s encrypted password string in field 2 of
/etc/passwd. The password was encrypted using an
algorithm known as a one-way hash (the crypt
algorithm), meaning that while it was trivial to convert a string to a
hashed value, it was mathematically difficult (i.e., it would take an
extremely long time) to convert the hashed value back to the original
string. This is a common function of algorithms used in the security
world, especially for things such as passwords. If you can’t determine
the original password when you only know the hashed value, then we
don’t have to worry about the security around the hashed value itself,
because it is too difficult mathematically to derive the password from
the hashed value. So this hashed value can be stored in a
world-readable file such as /etc/passwd without
compromising the security of the system.
If it’s very difficult to derive a password from its hashed value, how does the system know I’m typing in the right password when I log in? The login process on a Linux system follows these steps:
Prompt user for a username and password.
Look in /etc/passwd to see whether the user account exists.
If it does, encrypt the string given as the password using the crypt algorithm.
Compare the encrypted string given by the user with the encrypted string stored in field 2 of the /etc/passwd entry for that ...