Calculate SHA Hash of Linux Password in Shadow File
In Linux information about each user and their password is stored in two files: /etc/passwd and /etc/shadow. The latter is readable only by root and contains a hash of the users password (and a salt). On Ubuntu Linux (10.10) the default hash algorithm for storing passwords in SHA-512. Consider the following information:
$ grep "test" /etc/passwd test:x:1003:1002:Test User,,,:/home/test:/bin/bash $ sudo grep "test" /etc/shadow test:$6$v/Z3Vau7$ziIipwuJ0C0MA7mSq8y.9dKuCpOlmA2DgHbUs.okDCh mkSbIwf4krzKnidSn91uJo98wBU2bozCgel25AVe39.:15009:0:99999:7:::
(Note I have inserted a line break in the middle of the hash above just for readability; its not in the file).
The /etc/passwd file stores user information, while the password information is in /etc/shadow. After the user name and colon (:) the information is formatted as:
$hashalgorithm$salt$H(password || salt)$
The remaining numbers, such as 15009, are related to the duration the password is valid for. For details of the formats try the man pages for passwd, shadow and crypt.
Algorithm 6 is SHA-512. To take a plaintext password (and salt) as input to SHA-512 to produce the hash value in the same format as in /etc/shadow you can use perl:
$ perl -e 'print crypt("thisismypassword","\$6\$v/Z3Vau7\$") . "\n"' $6$v/Z3Vau7$ziIipwuJ0C0MA7mSq8y.9dKuCpOlmA2DgHbUs.okDCh mkSbIwf4krzKnidSn91uJo98wBU2bozCgel25AVe39.
Other languages (Python, PHP?) could probably perform similar operations.
Created on Tue, 08 Feb 2011, 6:03pm
Last changed on Fri, 16 Aug 2013, 11:15am