|
passwd is a tool on most Unix and Unix-like operating systems used to change a user's password. The password entered by the user is run through a key derivation function to create a hashed version of the new password, which is saved. Only the hashed version is stored; the entered password is not saved for security reasons. When the user logs on, the password entered by the user during the log on process is run through the same key derivation function and the resulting hashed version is compared with the saved version. If the hashes are identical, the entered password are considered to be identical, and so the user is authenticated. In theory, it is possible to occur that two different passwords produce the same hash. However, cryptographic hash functions are designed in such a way that finding any password that produces the given hash is very difficult and practically unfeasible, so if the produced hash matches the stored one, the user can be authenticated. The passwd command may be used to change passwords for local accounts, and on most systems, can also be used to change passwords managed in a distributed authentication mechanism such as NIS, Kerberos, or LDAP. == Password file == The /etc/passwd file is a text-based database of information about users that may log in to the system or other operating system user identities that own running processes.In many operating systems this file is just one of many possible back-ends for the more general passwd name service. The file's name originates from one of its initial functions as it contained the data used to verify passwords of user accounts. However, on modern Unix systems the security-sensitive password information is instead often stored in a different file using shadow passwords, or other database implementations. The /etc/passwd file typically has file system permissions that allow it to be readable by all users of the system (''world-readable''), although it may only be modified by the superuser or by using a few special purpose privileged commands.The /etc/passwd file is a text file with one record per line, each describing a user account.Each record consists of seven fields separated by colons. The ordering of the records within the file is generally unimportant. An example record may be: jsmith:x:1001:1000:Joe Smith,Room 1007,(234)555-8910,(234)555-0044,email:/home/jsmith:/bin/sh The fields, in order from left to right, are:〔(Understanding /etc/passwd File Format )〕# User name: the string a user would type in when logging into the operating system: the logname. Must be unique across users listed in the file. # Information used to validate a user's password; in most modern uses, this field is usually set to "x" (or some other indicator) with the actual password information being stored in a separate shadow password file. Setting this field to an asterisk (" *") is a common way to disable direct logins to an account while still preserving its name. Another possible value is " *NP *" which indicates to use an NIS server to obtain the password. # user identifier number, used by the operating system for internal purposes. It need not be unique. # group identifier number, which identifies the primary group of the user; all files that are created by this user may initially be accessible to this group. # Gecos field, commentary that describes the person or account. Typically, this is a set of comma-separated values including the user's full name and contact details. # Path to the user's home directory. # Program that is started every time the user logs into the system. For an interactive user, this is usually one of the system's command line interpreters (shells). 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Passwd」の詳細全文を読む スポンサード リンク
|