Introduction to Data Communications

51g. Creating Users and Groups

password file

User information is contained in a text file called password that is normally located in the /etc directory. The file is often modified by a program called adduser or something similar. The text file password consists of the following information for each user:

	eblanchard:1v2B3uWaA.8iA:501:237:Eugene Blanchard:/home/eblanchard:/bin/bash



	"eblanchard" 		is the username.

	"1v2B3uWaA.8iA" 	is the user's encrypted password.

	"501" 			is the user's numerical ID (must be unique)

	"237" 			is the group numerical ID that the user belongs to.

	"Eugene Blanchard"	is the full name of the user.

	"/home/eblanchard" 	is the home directory of the user.

	"/bin/bash" 		is the shell program that the user uses.

The password file is available to all users to view. This is because some programs require access to the password file.

Note: usernames longer than 8 characters can cause problems in some programs. For example, the username "eblanchard" cannot telnet into a Linux server from a Win95 telnet client. The username is truncated to "eblancha" and the Linux server doesn't recognize it as a valid username.


Changing your password

To change your password, you type the password command. Depending on the flavour of Unix that you are using, it may be one of the following:

The password command will prompt you for your existing (old) password, then ask you to type your new password once and then once more to confirm it. Choose a password that is at least 8 characters long and uses alphanumeric characters with a combination of upper and lower case letters. Write down your password in a safe place whose location you will remember!


group file

The group file is a text file that contains information about the groups that are allowed to use the system. It is located in the directory /etc. Groups are added using a program called addgrp or something similar. Each line in a group file contains four fields:

	instructors:NONE:237:eblanchard,dspurgeon,hsylvan



	"instructors"		is the group name

	"NONE"			indicates that there is no password with this group.

				It is limited to the listed users.

	"237"			is the numerical group ID

	"eblanchard,..."	is the list of group members, which can be users or other groups


shadow file

Unix passwords are a maximum of 13 characters long and can be encrypted in 4,096 different ways. There are hacking programs that are able to decode the passwords in the password file. In order to fix this security leak, Unix operating systems that are System V compatible have another file called the shadow file that works with the password file.

The password file does not contain the encrypted passwords; instead, it points to the shadow file, which contains the encrypted login passwords. The password file will have a blank space where the encrypted password usually resides.

The password file is still available for all users to view, but the shadow file is restricted and only the system administrator can view it. In this manner the security loophole has been fixed.
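
Added example, not part of the original page: this Python script parses lines in the password and group formats shown above and reports entries that still carry an encrypted password in the world-readable file, numerical user IDs that are not unique, group IDs missing from the group file, and usernames longer than 8 characters. The sample lines other than the page's own two are constructed, and treating "x", "*" and "!" as placeholder markers is an assumption beyond what the page states.

```python
from collections import Counter

# Constructed sample input: the page's two example lines plus made-up entries.
SAMPLE_PASSWD = """\
eblanchard:1v2B3uWaA.8iA:501:237:Eugene Blanchard:/home/eblanchard:/bin/bash
dspurgeon::502:237:D Spurgeon:/home/dspurgeon:/bin/bash
hsylvan:x:501:999:H Sylvan:/home/hsylvan:/bin/bash
"""
SAMPLE_GROUP = "instructors:NONE:237:eblanchard,dspurgeon,hsylvan\n"
PASSWD_FIELDS = ("name", "password", "uid", "gid", "fullname", "home", "shell")


def parse_passwd(text):
    """Split each non-empty line into the seven colon-separated fields."""
    users = []
    for line in filter(str.strip, text.splitlines()):
        parts = line.split(":")
        if len(parts) != len(PASSWD_FIELDS):
            raise ValueError(f"expected 7 fields: {line!r}")
        users.append(dict(zip(PASSWD_FIELDS, parts)))
    return users


def parse_group_ids(text):
    """Return the set of numerical group IDs (third of the four fields)."""
    return {line.split(":")[2] for line in text.splitlines() if line.strip()}


def audit(passwd_text, group_text):
    """Return (username, finding) pairs for the issues this section describes."""
    users = parse_passwd(passwd_text)
    gids = parse_group_ids(group_text)
    uid_counts = Counter(u["uid"] for u in users)
    findings = []
    for u in users:
        # Blank (as the page describes) or an assumed marker: no hash stored here.
        if u["password"] not in ("", "x", "*", "!"):
            findings.append((u["name"], "hash in world-readable file"))
        if uid_counts[u["uid"]] > 1:
            findings.append((u["name"], "duplicate uid " + u["uid"]))
        if u["gid"] not in gids:
            findings.append((u["name"], "gid not in group file"))
        if len(u["name"]) > 8:
            findings.append((u["name"], "username longer than 8 characters"))
    return findings


if __name__ == "__main__":
    print(*(f"{n}: {f}" for n, f in audit(SAMPLE_PASSWD, SAMPLE_GROUP)), sep="\n")
```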

