Using the /etc/passwd file
Traditionally, the /etc/passwd file is used to keep track of every registered user that has access to a system.
The /etc/passwd file is a colon-separated file that contains the following information:
- User name
- Encrypted password
- User ID number (UID)
- User's group ID number (GID)
- Full name of the user (GECOS)
- User home directory
- Login shell
root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys:
adm:!:4:4::/var/adm:
uucp:!:5:5::/usr/lib/uucp:
guest:!:100:100::/home/guest:
nobody:!:4294967294:4294967294::/:
lpd:!:9:4294967294::/:
lp:*:11:11::/var/spool/lp:/bin/false
invscout:*:200:1::/var/adm/invscout:/usr/bin/ksh
nuucp:*:6:5:uucp login user:/var/spool/uucppublic:/usr/sbin/uucp/uucico
paul:!:201:1::/home/paul:/usr/bin/ksh
jdoe:*:202:1:John Doe:/home/jdoe:/usr/bin/ksh
Unlike UNIX systems, AIX® does not store encrypted passwords in the /etc/passwd file. By default it stores them in the /etc/security/passwd file, which is only readable by the root user. The password field in the /etc/passwd file is used by AIX to signify whether a password exists or whether the account is blocked.
Note: When the login shell is null, login is successful and the resulting login shell is Bourne shell for ssh. When accessed via su, the login shell is sh, which is a hard link to ksh.
The /etc/passwd file is owned by the root user and must be readable by all users, but only the root user has write permission, which is shown as -rw-r--r--. If a user ID has a password, then the password field will have an ! (exclamation point). If the user ID does not have a password, then the password field will have an * (asterisk).
The encrypted passwords are stored in the /etc/security/passwd file. The following example contains the last four entries in the /etc/security/passwd file based on the entries from the /etc/passwd file shown previously.
guest:
        password = *

nobody:
        password = *

lpd:
        password = *

paul:
        password = eacVScDKri4s6
        lastupdate = 1026394230
        flags = ADMCHG
jdoe does not have an entry in the /etc/security/passwd file because it does not have a password set in the /etc/passwd file.
The consistency of the /etc/passwd file can be checked using the pwdck command. The pwdck command verifies the correctness of the password information in the user database files by checking the definitions for all of the users or for specified users.
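The two file formats described above can be parsed and cross-checked with a short script. This is an added example, not IBM code and not how pwdck is implemented; the function names and the two checks in audit() are assumptions chosen for illustration, and the sample data is built from the entries shown on this page.

```python
# Constructed sample data, taken from the example entries shown on this page.
PASSWD = """\
guest:!:100:100::/home/guest:
paul:!:201:1::/home/paul:/usr/bin/ksh
jdoe:*:202:1:John Doe:/home/jdoe:/usr/bin/ksh
"""
SECURITY_PASSWD = """\
guest:
        password = *

paul:
        password = eacVScDKri4s6
        lastupdate = 1026394230
        flags = ADMCHG
"""
FIELDS = ("name", "password", "uid", "gid", "gecos", "home", "shell")
def parse_passwd(text):
    """Split each colon-separated line into the seven documented fields."""
    users = []
    for line in filter(str.strip, text.splitlines()):
        parts = line.split(":")
        if len(parts) != len(FIELDS):
            raise ValueError(f"expected 7 fields, got {len(parts)}: {line!r}")
        users.append(dict(zip(FIELDS, parts)))
    return users

def parse_stanzas(text):
    """Parse 'user:' headers followed by indented 'key = value' lines."""
    stanzas, current = {}, None
    for line in text.splitlines():
        s = line.strip()
        if s.endswith(":") and "=" not in s:
            current = stanzas.setdefault(s[:-1], {})
        elif "=" in s and current is not None:
            key, _, value = s.partition("=")
            current[key.strip()] = value.strip()
    return stanzas

def audit(passwd_text, security_text):
    """Return {user: [findings]} (hypothetical checks, not pwdck's logic)."""
    stanzas, report = parse_stanzas(security_text), {}
    for u in parse_passwd(passwd_text):
        stanza, notes = stanzas.get(u["name"]), []
        if u["password"] == "!" and (stanza or {}).get("password", "*") == "*":
            notes.append("'!' in /etc/passwd but no hash in /etc/security/passwd")
        if not u["shell"]:
            notes.append("null login shell")
        report[u["name"]] = notes
    return report
```

On a live system the script would need to run as root, because /etc/security/passwd is only readable by the root user.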