Password hashes are stored in /etc/shadow:
Code:
rob@precise:~$ sudo cat /etc/shadow | grep rob
[sudo] password for rob:
rob:$6$D2TbFGvD$5RcAk6tVEB/kBtNyiBH7s1d0TYTfjfLp78eFHIlYXT1eI7y83bo8/oWMubuF.eUJDAqBYpcef5e571tPMfAt30:15526:0:99999:7:::
The relevant information is the field between the first and second colons.
The $6$ means that the password hash is calculated using SHA512 hashing; the rest of the field is the hashed password, in this case:
Code:
D2TbFGvD$5RcAk6tVEB/kBtNyiBH7s1d0TYTfjfLp78eFHIlYXT1eI7y83bo8/oWMubuF.eUJDAqBYpcef5e571tPMfAt30
Hashing is a mathematical function that is easy to do in one direction but impossible to do in the other direction. When you are prompted for your password, the computer runs it through the hashing algorithm and compares the result with the value stored in /etc/shadow. If they match, then the password is correct. It is, however, impossible to take the result of the hashing function and run it backwards to discover the actual password.
http://en.wikipedia.org/wiki/Cryptog..._hash_function
http://en.wikipedia.org/wiki/SHA-2
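As an added example (not part of the original post), here is a small Python parser for the shadow entry shown above. In the crypt(3) format the text after `$6$` is itself split by a further `$` into a salt and the digest, and a leading `!` or `*` marks an entry that no password can match; the function name `parse_shadow_line` and the `SCHEMES` table are made up for this example.

```python
from datetime import date, timedelta

# crypt(3) "$id$" prefixes (lookup table assembled for this example).
SCHEMES = {"1": "MD5-crypt", "5": "SHA-256-crypt", "6": "SHA-512-crypt",
           "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt", "y": "yescrypt"}

def parse_shadow_line(line):
    """Split one /etc/shadow line into its password-related parts."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 9:
        raise ValueError("expected 9 colon-separated fields, got %d" % len(fields))
    entry = {"user": fields[0], "locked": False, "scheme": None,
             "rounds": None, "salt": None, "digest": None, "last_change": None}
    if fields[2].isdigit():
        # Third field: days since 1970-01-01 of the last password change.
        entry["last_change"] = date(1970, 1, 1) + timedelta(days=int(fields[2]))
    pw = fields[1]
    if pw.startswith(("!", "*")):
        # "!" or "*" in front means no password will ever match this entry.
        entry["locked"] = True
        pw = pw.lstrip("!*")
    if not pw.startswith("$"):
        return entry  # empty, or a legacy/unknown format: nothing to split
    parts = pw.split("$")[1:]  # drop the empty string before the first "$"
    entry["scheme"] = SCHEMES.get(parts[0], "unknown")
    if parts[0] in ("1", "5", "6"):
        rest = parts[1:]
        if rest and rest[0].startswith("rounds="):
            # Optional cost parameter, e.g. $6$rounds=5000$salt$digest
            entry["rounds"] = int(rest[0][len("rounds="):])
            rest = rest[1:]
        if len(rest) != 2:
            raise ValueError("malformed $%s$ hash field" % parts[0])
        entry["salt"], entry["digest"] = rest
    return entry

# The entry shown in the post above.
SAMPLE = ("rob:$6$D2TbFGvD$5RcAk6tVEB/kBtNyiBH7s1d0TYTfjfLp78eFHIlYXT1eI7y83bo8"
          "/oWMubuF.eUJDAqBYpcef5e571tPMfAt30:15526:0:99999:7:::")

if __name__ == "__main__":
    for key, value in parse_shadow_line(SAMPLE).items():
        print("%-12s %s" % (key, value))
```

The salt is stored in the clear so that the login check can recompute the same hash from the typed password; it exists to make identical passwords produce different stored values.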