Linux manages users and groups using several important configuration files. These files store essential information like user accounts, passwords, groups, and security settings. Understanding these files is crucial for system administration and security.
This guide covers:
1️⃣ /etc/passwd
- Stores user account information.
2️⃣ /etc/shadow
- Stores encrypted passwords & security policies.
3️⃣ /etc/group
- Stores group information.
4️⃣ /etc/gshadow
- Stores secure group details.
1️⃣ /etc/passwd
📌 Purpose: This file contains basic details of all user accounts in the system, including username, UID, GID, home directory, and default shell.
📌 Access: Public (All users can read it).
Each line represents a user account with the following format:
username:x:UID:GID:user_info:home_directory:shell
john:x:1001:1001:John Doe:/home/john:/bin/bash
🔍 Breakdown:
- john → Username
- x → Placeholder for password (stored in /etc/shadow)
- 1001 → User ID (UID)
- 1001 → Group ID (GID)
- John Doe → User description
- /home/john → Home directory
- /bin/bash → Default shell
- View all users:
cat /etc/passwd
- Add a new user:
sudo useradd -m -s /bin/bash john
- Modify user details:
sudo usermod -c "New Info" john
2️⃣ /etc/shadow
📌 Purpose: Stores encrypted passwords and password aging policies for users.
📌 Access: Restricted (Only root can read it).
Each line represents a user password entry with the following format:
username:encrypted_password:last_changed:min_age:max_age:warn:inactive:expire:reserved
john:$6$somehash:17542:0:99999:7:::
🔍 Breakdown:
- john → Username
- $6$somehash → Encrypted password
- 17542 → Date of the last password change, counted in days since January 1, 1970
- 0 → Minimum days before changing password
- 99999 → Maximum password validity days
- 7 → Warning days before password expires
- View shadow file (Root Only):
sudo cat /etc/shadow
- Change a user’s password:
sudo passwd john
- Force a password reset after 30 days:
sudo chage -M 30 john
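An added example (not part of the original guide): a small offline audit that parses entries in the /etc/passwd and /etc/shadow layouts described above and flags risky settings. The sample entries are constructed, and the function names (`parse`, `audit`, `last_changed_date`) are hypothetical.

```python
from datetime import date, timedelta

# Constructed sample data (not from a real system), in the layouts shown above.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
john:x:1001:1001:John Doe:/home/john:/bin/bash
backup:x:0:1002:Backup:/home/backup:/bin/bash
legacy:$6$somehash:1003:1003:Legacy:/home/legacy:/bin/sh
"""
SHADOW = """\
root:$6$somehash:19000:0:90:7:::
john:$6$somehash:17542:0:99999:7:::
backup::19000:0:90:7:::
"""

def last_changed_date(days):
    """Convert the shadow last_changed field (days since 1970-01-01) to a date."""
    return date(1970, 1, 1) + timedelta(days=int(days))

def parse(text, nfields):
    """Map username -> list of fields, skipping lines with the wrong field count."""
    rows = (line.split(":") for line in text.splitlines() if line.strip())
    return {r[0]: r for r in rows if len(r) == nfields}

def audit(passwd_text, shadow_text):
    """Return (username, finding) pairs for risky account settings."""
    shadow = parse(shadow_text, 9)  # nine colon-separated fields per shadow entry
    findings = []
    for name, f in parse(passwd_text, 7).items():
        if f[2] == "0" and name != "root":
            findings.append((name, "UID 0 outside root"))
        if f[1] != "x":
            findings.append((name, "password field in /etc/passwd is not the x placeholder"))
        s = shadow.get(name)
        if s is None:
            findings.append((name, "no /etc/shadow entry"))
            continue
        if s[1] == "":
            findings.append((name, "empty password in /etc/shadow"))
        if s[4] in ("", "99999"):
            findings.append((name, "password never expires"))
    return findings

if __name__ == "__main__":
    for user, issue in audit(PASSWD, SHADOW):
        print(f"{user}: {issue}")
    print("john last changed:", last_changed_date("17542"))
```

On a live system the same functions can be fed the contents of the real files, with /etc/shadow read as root.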
3️⃣ /etc/group
📌 Purpose: Stores group names, GIDs, and group members.
📌 Access: Public (All users can read it).
Each line represents a group entry in the following format:
groupname:x:GID:member1,member2,member3
developers:x:1002:alice,bob,john
🔍 Breakdown:
- developers → Group name
- x → Placeholder (group password is in /etc/gshadow)
- 1002 → Group ID (GID)
- alice, bob, john → Members of the group
- View all groups:
cat /etc/group
- Create a new group:
sudo groupadd developers
- Add a user to a group:
sudo usermod -aG developers john
4️⃣ /etc/gshadow
📌 Purpose: Stores group passwords and administrator settings.
📌 Access: Restricted (Only root can read it).
Each line represents a secure group entry in this format:
groupname:encrypted_password:group_admins:group_members
developers:$6$somehash:alice,bob:alice,bob,john
🔍 Breakdown:
- developers → Group name
- $6$somehash → Encrypted password
- alice,bob → Group administrators
- alice,bob,john → Group members
- View gshadow file (Root Only):
sudo cat /etc/gshadow
- Set a group password:
sudo gpasswd developers
- Assign a group administrator:
sudo gpasswd -A alice developers
📂 File | 📌 Purpose | 🔒 Access |
---|---|---|
/etc/passwd | Stores user account information | Public |
/etc/shadow | Stores encrypted passwords | Root Only |
/etc/group | Stores group details | Public |
/etc/gshadow | Stores secure group settings | Root Only |
✔ Linux stores user & group details in /etc/passwd and /etc/group 📁
✔ Passwords are securely encrypted in /etc/shadow and /etc/gshadow 🔒
✔ Root user has exclusive access to /etc/shadow and /etc/gshadow 🛑
✔ Users & groups can be managed using commands like useradd, passwd, and groupadd ⚙️