Using the /etc/passwd file

Edit online

Traditionally, the /etc/passwd file is used to keep track of every registered user that has access to a system.

The /etc/passwd file is a colon-separated file that contains the following information:
  • User name
  • Encrypted password
  • User ID number (UID)
  • User's group ID number (GID)
  • Full name of the user (GECOS)
  • User home directory
  • Login shell
The following is an example of an /etc/passwd file:
root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys: 
adm:!:4:4::/var/adm:
uucp:!:5:5::/usr/lib/uucp: 
guest:!:100:100::/home/guest:
nobody:!:4294967294:4294967294::/:
lpd:!:9:4294967294::/:
lp:*:11:11::/var/spool/lp:/bin/false 
invscout:*:200:1::/var/adm/invscout:/usr/bin/ksh
nuucp:*:6:5:uucp login user:/var/spool/uucppublic:/usr/sbin/uucp/uucico
paul:!:201:1::/home/paul:/usr/bin/ksh
jdoe:*:202:1:John Doe:/home/jdoe:/usr/bin/ksh
AIX® does not store encrypted passwords in the /etc/passwd file in the way that UNIX systems do, but in the /etc/security/passwd file by default, which is only readable by the root user. The password field in /etc/passwd is used by AIX to signify if there is a password or whether the account is blocked.
Note: start of changeWhen the login shell is null, login is successful and the resulting login shell is Bourne shell for ssh. When accessed via su the login shell is sh, which is a hard link to ksh.end of change
The /etc/passwd file is owned by the root user and must be readable by all the users, but only the root user has writable permissions, which is shown as -rw-r--r--. If a user ID has a password, then the password field will have an ! (exclamation point). If the user ID does not have a password, then the password field will have an * (asterisk). The encrypted passwords are stored in the /etc/security/passwd file. The following example contains the last four entries in the /etc/security/passwd file based on the entries from the /etc/passwd file shown previously. 
guest:
        password = *
                                         
nobody: 
        password = * 
                                         
lpd: 
        password = * 

paul: 
        password = eacVScDKri4s6 
        lastupdate = 1026394230 
        flags = ADMCHG

The user ID jdoe does not have an entry in the /etc/security/passwd file because it does not have a password set in the /etc/passwd file.

The consistency of the /etc/passwd file can be checked using the pwdck command. The pwdck command verifies the correctness of the password information in the user database files by checking the definitions for all of the users or for specified users.