Linux stores user passwords, in hashed form, in the /etc/shadow file. This file contains hashed versions of user passwords, along with other information related to user accounts.
When a user sets a password, it is processed through a hashing algorithm (such as SHA-512) to create a hash. This hash is then stored in the /etc/shadow file instead of the actual password. The hashing process ensures that the original password cannot be easily retrieved.
Here’s a brief overview of the structure of an entry in the /etc/shadow file:
username:hashed_password:last_changed:min:max:warn:inactive:expire:reserved
username: The user's login name.
hashed_password: The hashed password.
last_changed: The last time the password was changed (in days since January 1, 1970).
min: The minimum number of days before the password can be changed.
max: The maximum number of days the password is valid.
warn: The number of days before password expiration that the user is warned.
inactive: The number of days after password expiration until the account is disabled.
expire: The date on which the account will expire.
reserved: Reserved for future use.
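The field layout above, as an added example (not part of the original page): a small parser that splits entries into the nine fields, classifies the password field, and computes the password expiry date. The function names and the sample entries are constructed for illustration; the scheme table follows the crypt(3) "$id$" prefix convention, which goes beyond the SHA-512 case the text mentions.

```python
from datetime import date, timedelta

FIELDS = ("username", "hashed_password", "last_changed", "min", "max",
          "warn", "inactive", "expire", "reserved")
# crypt(3) "$id$..." prefixes; this mapping is an addition, not from the page.
SCHEMES = {"1": "MD5", "5": "SHA-256", "6": "SHA-512", "y": "yescrypt",
           "2a": "bcrypt", "2b": "bcrypt"}
EPOCH = date(1970, 1, 1)
# Constructed sample entries; the hash strings are placeholders, not real hashes.
SAMPLE = [
    "alice:$6$c2FtcGxl$CONSTRUCTEDPLACEHOLDER:19723:0:90:7:::",
    "svc:!:19000:0:99999:7:::",
    "old:$1$c2FtcGxl$CONSTRUCTEDPLACEHOLDER:18000:0:99999:7:::",
    "guest::19000:0:99999:7:::",
]

def parse_shadow_line(line):
    """Split one /etc/shadow entry into its nine named fields."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}")
    entry = dict(zip(FIELDS, parts))
    for name in FIELDS[2:8]:  # numeric fields; empty means "not set"
        entry[name] = int(entry[name]) if entry[name] else None
    return entry

def describe_hash(field):
    """Classify the password field without printing the hash itself."""
    if field == "":
        return "empty (no password required)"
    if field[0] in "!*":
        return "locked or no valid password"
    if field.startswith("$"):
        scheme = field.split("$")[1]
        return SCHEMES.get(scheme, f"unknown scheme {scheme!r}")
    return "legacy DES or unrecognized"

def password_expiry(entry):
    """Date the password stops being valid, or None if not determinable."""
    if entry["last_changed"] is None or entry["max"] is None:
        return None
    return EPOCH + timedelta(days=entry["last_changed"] + entry["max"])

def audit(lines):
    """Return (username, finding) pairs worth a defender's review."""
    weak = ("empty", "MD5", "legacy")
    pairs = [(e["username"], describe_hash(e["hashed_password"]))
             for e in map(parse_shadow_line, lines)]
    return [(u, k) for u, k in pairs if k.startswith(weak)]
```

Reading the real /etc/shadow requires root; run this against a copy handled with the same care as the original file.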
To verify a password, the system hashes the input password and compares it to the stored hash in the /etc/shadow file. If they match, access is granted.
