Where user password is saved?

[anti]

/etc/passwd contains information about users, shell type and etc.
I didn't find the password of any user listed there.

I would like to ask two questions:

1- Where user passwords are stored? Are they encrypted? If, by which algorithm?
2- Can I change the shell type of any user via /etc/passwd? Is there an alternative way to do that?

 

[wblock@]

Start with master.passwd(5).

 

[fonz]

Where user passwords are stored?

/etc/master.passwd

Are they encrypted?

Yes, of course. It would not be very secure otherwise (he said with some feeling for understatement).

by which algorithm?

Configurable via /etc/login.conf (see login.conf(5)). I'm not sure what the default is these days, but personally I prefer Blowfish.

Can I change the shell type of any user via /etc/passwd?

Yes. Do make sure to use vipw(8) for that though.

Is there an alternative way to do that?

Yes: chsh (see chpass(1), it's all the same program). And it can probably also be done with pw(8), but don't ask me what the exact command is.

 

[_martin]

Yes: chsh (see chpass(1), it's all the same program). And it can probably also be done with pw(8), but don't ask me what the exact command is.

Using pw you can change the user's shell:

# pw user mod <USER> -s /path/to/shell

 

[SirDice]

There are various tools to edit the information in both passwd and master.passwd. What fonz was trying to say is do NOT edit those files by hand (i.e. # vi /etc/passwd). You will end up in a world of hurt as you are bound to destroy either file, losing your accounts in the process.

 

[fonz]

What @fonz was trying to say is do NOT edit those files by hand (i.e. # vi /etc/passwd).

Exactly. As far as I know it's fine to edit /etc/group directly, but NOT /etc/passwd or /etc/master.passwd.