Is the login password stored on the computer, or only a hashed version of the password?

use*_*823 3 security password 22.04

Is the login password stored on the computer, or only a hashed version of the password? If only a hashed version of the login password is stored, which hashing method is used? In which folder on the machine is it stored? I am using Ubuntu 22.04.

Tho*_*ard 9

Per `man shadow`, which explains how passwords are stored for users:

```
   encrypted password
       This field may be empty, in which case no passwords are required to
       authenticate as the specified login name. However, some
       applications which read the /etc/shadow file may decide not to
       permit any access at all if the password field is empty.

       A password field which starts with an exclamation mark means that
       the password is locked. The remaining characters on the line
       represent the password field before the password was locked.

       Refer to crypt(3) for details on how this string is interpreted.

       If the password field contains some string that is not a valid
       result of crypt(3), for instance ! or *, the user will not be able
       to use a unix password to log in (but the user may log in the
       system by other means).
```

From there, `man 3 crypt` explains the "encryption":

```
DESCRIPTION
     The crypt, crypt_r, crypt_rn, and crypt_ra functions irreversibly
     "hash" phrase for storage in the system password database (shadow(5))
     using a cryptographic "hashing method." The result of this operation
     is called a "hashed passphrase" or just a "hash." Hashing methods are
     described in crypt(5).
```

Next, we look at `man 5 crypt`:

```
DESCRIPTION
     The hashing methods implemented by crypt(3) are designed only to process user
     passphrases for storage and authentication; they are not suitable for use as
     general-purpose cryptographic hashes.

     Passphrase hashing is not a replacement for strong passphrases.  It is always
     possible for an attacker with access to the hashed passphrases to guess and check
     possible cleartext passphrases.  However, with a strong hashing method, guessing will
     be too slow for the attacker to discover a strong passphrase.

     All of the hashing methods use a "salt" to perturb the hash function, so that the
     same passphrase may produce many possible hashes.  Newer methods accept longer
     salt strings.  The salt should be chosen at random for each user.  Salt defeats a
     number of attacks:

     1.   It is not possible to hash a passphrase once and then test it against each
          account's stored hash; the hash calculation must be repeated for each account.

     2.   It is not possible to tell whether two accounts use the same passphrase without
          successfully guessing one of the phrases.

     3.   Tables of precalculated hashes of commonly used passphrases must have an entry
          for each possible salt, which makes them impractically large.

     All of the hashing methods are also deliberately engineered to be slow; they use many
     iterations of an underlying cryptographic primitive to increase the cost of each
     guess.  The newer hashing methods allow the number of iterations to be adjusted,
     using the "CPU time cost" parameter to crypt_gensalt(3).  This makes it possible to
     keep the hash slow as hardware improves.
```

By following this chain (`man shadow` to `man 3 crypt` to `man 5 crypt`), we can see that passwords are stored in `/etc/shadow` as salted password hashes. There are many hashing mechanisms and methods available, so you have to dig into the man pages to really interpret the data in `/etc/shadow` and determine which hashing mechanism your environment uses by default.
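The answer above leaves the reader to decode `/etc/shadow` by hand. The following Python script, added here as an illustration (it is not part of the original answer), does that decoding for a shadow-format file: it splits each record into the nine fields from shadow(5), applies the empty / `!` / `*` rules quoted above, and maps the `$id$` prefix to the crypt(5) hashing method, pulling out the per-user salt where the format allows. The sample records are constructed; their hash bodies are placeholders, not real digests. The prefix table and the `SAMPLE_SHADOW` text are assumptions made for this example.

```python
"""Interpret /etc/shadow password fields per shadow(5) and crypt(5).

Example code added for this page, not the original answer's code.
Run with no arguments to use the constructed sample below, or
  sudo python3 shadow_audit.py /etc/shadow
to audit a live system (reading /etc/shadow requires root).
"""
import re
import sys

# $id$ prefixes documented in crypt(5) and the method each denotes.
# Assumption: this table covers the methods a stock Ubuntu 22.04 can produce.
HASH_METHODS = {
    "$y$": "yescrypt",
    "$gy$": "gost-yescrypt",
    "$7$": "scrypt",
    "$2a$": "bcrypt", "$2b$": "bcrypt", "$2y$": "bcrypt",
    "$6$": "sha512crypt",
    "$5$": "sha256crypt",
    "$1$": "md5crypt",
}
PREFIX_RE = re.compile(r"^\$(2[aby]|gy|y|7|6|5|1)\$")

# The nine colon-separated fields of a shadow(5) record.
SHADOW_FIELDS = ("name", "password", "lastchange", "min", "max",
                 "warn", "inactive", "expire", "reserved")


def parse_shadow_line(line):
    """Split one shadow(5) record into a dict keyed by field name."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(SHADOW_FIELDS):
        raise ValueError(f"expected {len(SHADOW_FIELDS)} fields: {line!r}")
    return dict(zip(SHADOW_FIELDS, parts))


def extract_salt(prefix, body):
    """Return the per-user salt from a crypt(5) string, or None if it cannot be isolated."""
    pieces = body.split("$")[1:]  # drop the empty piece before the leading '$'
    if prefix in ("$2a$", "$2b$", "$2y$"):
        # bcrypt: $2b$<cost>$<22-char salt><31-char hash>; salt and hash are fused
        return pieces[2][:22] if len(pieces) == 3 else None
    if prefix == "$7$":
        # scrypt: parameters and salt share one field; report that field whole
        return pieces[1] if len(pieces) == 3 else None
    # $1$/$5$/$6$ ([rounds=N$]salt$hash) and $y$/$gy$ (params$salt$hash):
    # the salt is always the piece just before the hash
    return pieces[-2] if len(pieces) >= 3 else None


def classify_password_field(field):
    """Interpret one shadow(5) password field.

    Returns (locked, method, salt):
      locked - True when the field starts with '!' (shadow(5): password locked)
      method - 'empty'   : field empty, no password required
               'none'    : only '!' present, nothing behind it
               'invalid' : '*', not a crypt(3) result, so no unix-password login
               'unknown' : an $id$ this table does not recognise
               otherwise the crypt(5) method name
      salt   - the per-user salt, when the hash format lets us isolate it
    """
    locked = field.startswith("!")
    body = field.lstrip("!")
    if body == "":
        return locked, ("none" if locked else "empty"), None
    if body == "*":
        return locked, "invalid", None
    m = PREFIX_RE.match(body)
    if not m:
        return locked, "unknown", None
    prefix = "$" + m.group(1) + "$"
    return locked, HASH_METHODS[prefix], extract_salt(prefix, body)


def audit_shadow(text):
    """Map every account in a shadow-format text to (locked, method, salt)."""
    report = {}
    for line in text.splitlines():
        if line.strip():
            rec = parse_shadow_line(line)
            report[rec["name"]] = classify_password_field(rec["password"])
    return report


# Constructed sample in shadow(5) layout; hash bodies are placeholders, not real digests.
SAMPLE_SHADOW = """\
root:*:19000:0:99999:7:::
alice:$y$j9T$Kl0pQrStUvWxYz12$PLACEHOLDERHASHPLACEHOLDERHASH:19200:0:99999:7:::
bob:$6$rounds=10000$saltsalt$PLACEHOLDERHASHPLACEHOLDERHASH:19200:0:99999:7:::
carol:!$6$saltsalt$PLACEHOLDERHASHPLACEHOLDERHASH:19200:0:99999:7:::
dave:!:19200:0:99999:7:::
erin::19200:0:99999:7:::
"""

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_SHADOW
    for name, (locked, method, salt) in audit_shadow(text).items():
        print(f"{name:8} locked={str(locked):5} method={method:14} salt={salt}")
```

On a stock Ubuntu 22.04 system, hashes set after installation carry the `$y$` prefix (yescrypt); the default is chosen by `ENCRYPT_METHOD` in `/etc/login.defs` and the method option given to `pam_unix` in `/etc/pam.d/common-password`, so those two files are the place to confirm what your own machine uses. Accounts whose field shows `*` or a lone `!` (system accounts, or users created without a password) cannot log in with a unix password at all, which is why the audit distinguishes them from real hashes.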
