Wednesday, December 15, 2004

The Shadow File

This is the first post to The Shadow File. I suppose a brief explanation is in order. What is The Shadow File? In Unix and Linux, an algorithm is used to create a one-way hash of a user's password. This hash, along with the username and other information used to be stored in /etc/passwd. In many modern *nix systems, the password hash has been removed from the passwd file and is now stored in a separate file, because the passwd file is world-readable. This way, an attacker would have to obtain both files in order to attempt to recreate the password. The file that contains the password hashes is /etc/shadow. Now you know.

The things that will fill this page include my humble observations and musings on whatever projects I may be working on or anything at all that may stimulate my thoughts. So prepare to have your attention captured. I'm sure you won't be able to pry your eyes away.