The /etc/passwd file contains each user, one on each line. And the user ID number, then the home directory and the shell used by that user.
1 2 3 4 5 | sifiso:x:554:554::/home/commitec/mail/commitec.co.za/sifiso:/bin/bash info:x:554:554::/home/commitec/mail/commitec.co.za/info:/bin/bash sales:x:554:554::/home/commitec/mail/commitec.co.za/sales:/bin/bash admin:x:554:554::/home/commitec/mail/commitec.co.za/admin:/home/commitec siphiwos:x:1794:1790::/home/commitec/mail/commitec.co.za/siphiwos:/home/commitec |
Then the /etc/shadow file contains the username again, then the encrypted password. The password is stored as the salt value and then the actual password hash.
1 2 3 4 5 | sifiso:$6$HOScMRBp1VGlVyjX$gsWQDJTo.323E6l4yHIzHuSsBEKUT6fZEwP.mya.S0anlPC5CG8jzDuobup1uysX2vZpkvP4c9NAbH7lSKhsD.:17836:::::: info:$6$drcc.7LGHJRR/LvV$9pvwTCpQJ6Lu0DUuJf7Y2/lVnzP7tNChJid455dyqx1uulQC0RjkHvykf6Nx84GLCjrkuWuwAIbtEPQofuB0i.:17792:::::: sales:$1$I6SPXnN6$iV28hjIKAnoZFPe9Bd/.A/:15314:::::: admin:$1$/DuQWJBi$i/zMcdZsaAtPcziBYSLhv/:15796:::::: siphiwos:$6$JRk1M6/i2Qn9ZUQg$V.ZQn3L9vbo83gaaMlonuLIUS0xYGMCuaWUELrhgl8MZgozPRZpcxSpWgJx/ZYbzF8JcM0OoV2y7wN8DfXfKe0:17968:::::: |
Just like this example. This is the salt value: HOScMRBp1VGlVyjX. Then the encrypted password follows. Each section is delimited by a $ character.
1 | $6$HOScMRBp1VGlVyjX$gsWQDJTo.323E6l4yHIzHuSsBEKUT6fZEwP.mya.S0anlPC5CG8jzDuobup1uysX2vZpkvP4c9NAbH7lSKhsD. |
The number 6 at the start of the password string delineates sha512crypt encryption. If it was $1 instead, it would be MD5 which is useless. But sha512crypt is far superior and still secure enough, but only if you use a strong alpha-numeric password with some upper-case letters to add entropy. Linux hashes the password you type at the login prompt and then compares the hash of this to the stored one for your user to see if it is the correct password for login.
The /etc/group file contains all user groups on your Linux system, this is useful for adding a user to a certain group to get a certain service or hardware item working.
Notice the user “ubuntu” is added to a few groups, this is essential for day to day use of the user account.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 | root:x:0: daemon:x:1: bin:x:2: sys:x:3: adm:x:4:syslog,ubuntu tty:x:5: disk:x:6: lp:x:7: mail:x:8: news:x:9: uucp:x:10: man:x:12: proxy:x:13: kmem:x:15: dialout:x:20:ubuntu fax:x:21: voice:x:22: cdrom:x:24:ubuntu floppy:x:25:ubuntu tape:x:26: sudo:x:27:ubuntu audio:x:29:ubuntu dip:x:30:ubuntu www-data:x:33: backup:x:34: operator:x:37: list:x:38: irc:x:39: src:x:40: gnats:x:41: shadow:x:42: utmp:x:43: video:x:44:ubuntu sasl:x:45: plugdev:x:46:ubuntu staff:x:50: games:x:60: users:x:100: nogroup:x:65534: systemd-journal:x:101: systemd-timesync:x:102: systemd-network:x:103: systemd-resolve:x:104: systemd-bus-proxy:x:105: input:x:106: crontab:x:107: syslog:x:108: netdev:x:109:ubuntu lxd:x:110:ubuntu messagebus:x:111: uuidd:x:112: mlocate:x:113: ssh:x:114: admin:x:115: ubuntu:x:1000: couchbase:x:999: ntp:x:116: redis:x:117: dd-agent:x:118: docker:x:998: ssl-cert:x:119: mysql:x:120: |
The /etc/environment file contains the environment variables used by the Linux system.
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games" |
As you can see it only has the PATH in it, but this may be easily edited to add more locations.
Just like the example below.
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/opt/bin" |