Security, security, security… We’ve already touched on two factor authentication and how to protect your credentials. An important aspect of security is not only coming up with a strong password, but also knowing how to properly store it and protect it from hacking. You need to properly understand where and how passwords are stored in Linux, as well as what security measures are taken. In this article, we will look at various ways to check commands that will show you all available passwords on your Linux shell. This article, for obvious reasons, will not provide screenshots, but will show actual commands that will help you check your passwords.
Method #1 /etc/passwd and /etc/shadow
Basic user information is stored in the /etc/passwd file, but actual passwords are now stored in a separate /etc/shadow file. The /etc/passwd file is readable by all users, but /etc/shadow is readable only by the superuser (root). This significantly reduces the risk of passwords being compromised.
Method #2. Shadow Suite
Shadow Suite provides additional tools for account management and password security. Additionally, it includes utilities such as passwd, useradd, usermod and others that provide secure account management.
Method #3. Password encryption
Linux uses password hashing to store them in a secure form. Encryption is carried out using algorithms such as MD5, SHA-256, SHA-512 and others. This prevents direct access to real passwords if the /etc/passwd or /etc/shadow files are leaked.
Method #4. SELinux (Security-Enhanced Linux)
SELinux provides an additional layer of security by controlling access to files and resources. This can prevent unauthorized access to password files and other sensitive information. To check – please enter the following command
sestatus
Method #5. PAM (Pluggable Authentication Modules)
PAM provides an architecture to enable various authentication methods, including password entry. PAM modules are configured in the /etc/pam.d/ file, providing flexibility in the choice of authentication methods.
