Where are password representations stored on Linux/UNIX systems?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Where are password representations stored on Linux/UNIX systems?

Explanation:
In Linux/UNIX, password representations are protected by the shadow password mechanism: the actual hashed passwords are stored in a separate file, while basic account information lives in another. Specifically, /etc/passwd holds the user records, and the password hashes themselves are kept in /etc/shadow with restricted permissions so normal users cannot read them. That’s why the best answer lists both locations. The other paths aren’t standard places for password data: /etc/passwords isn’t used, a file in a user’s home directory isn’t the system-wide store, and /var/log/shadow is a log location rather than a password store.

In Linux/UNIX, password representations are protected by the shadow password mechanism: the actual hashed passwords are stored in a separate file, while basic account information lives in another. Specifically, /etc/passwd holds the user records, and the password hashes themselves are kept in /etc/shadow with restricted permissions so normal users cannot read them. That’s why the best answer lists both locations. The other paths aren’t standard places for password data: /etc/passwords isn’t used, a file in a user’s home directory isn’t the system-wide store, and /var/log/shadow is a log location rather than a password store.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy