In Linux, if a password field has an 'x' in /etc/passwd, where are the actual password hashes stored?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

In Linux, if a password field has an 'x' in /etc/passwd, where are the actual password hashes stored?

Explanation:
Password hashes are kept in a separate file called /etc/shadow. On modern Linux systems, the /etc/passwd entry for a user often shows an x (or sometimes * or !) in the password field, which means the real hash isn’t stored there anymore. The actual hash resides in /etc/shadow, which is protected so only privileged users can read it, reducing exposure of password data. The /etc/passwd file still holds the user’s account information (username, UID, GID, home directory, shell), but not the hash. /boot isn’t used for storing password hashes; LDAP is an optional centralized authentication backend and not the default local storage location for hashes.

