Understanding the /etc/shadow File in Linux

In Linux, the “/etc/shadow” file holds the encrypted password information of the system users. This file contains the account details of each user in the record format. Only the administrator or root user can modify the “shadow” file.

This article provides a detailed explanation to understand the “/etc/shadow” file in the Linux system. The content to explain the “shadow” file is as follows:

Let’s get into the basics of the “/etc/shadow” file.

Understand the /etc/shadow File in Linux

In Linux, the “shadow” file contains nine fields, including “username”, “last password change date”, and “password expiration value”, etc., that are separated by a colon(:). To display the content of the “shadow” file, the “cat” utility is used as below:

$ sudo cat /etc/shadow

The output shows the information of system users in record format.

Let’s discuss the nine fields of the first record:


From left to right, the description of the above script is given below:

  • root: It specifies the username.
  • !: It identifies the empty password which does not acquire authentication.
  • 19338: It represents the number of days at the last password date change since Jan 1, 1970.
  • 0: It refers to the number of days for minimum password age.
  • 99999: It identifies the number of days for maximum password age.
  • 7: the number refers to the warning period after that password expires.

Let’s explore the “shadow” file with multiple examples.

How to Check Permissions of /etc/shadow File?

The “ls” command with the “-l” utility is used to display the permission of the file:

$ ls -l /etc/shadow

The output shows that only “root” users have permission to read and write files.

How to Detailed View /etc/shadow File?

The “stat” command helps us to display the detailed information of the “/etc/shadow” file. This information contains the file size, path, blocks, and date and time of “Access”, “Modify”, “Change”, and “Birth” permission: 

$ stat /etc/shadow

The output shows the details of the “shadow” file that is present in the “etc” directory.

How Edit the /etc/shadow File?

To modify the “/etc/shadow” file, the “nano” utility is used that enables the “root” user to change such as( password age and warning period after the password will expire):

$ sudo nano /etc/shadow

The output shows that the password age and warning period have been changed.

That is all from the /etc/shadow file.


In Linux, the “/etc/shadow” file holds the password information of system users in a record format. It displays the information of “Username”, “Password”, “Password Age”, “Password Validity”, and many more. Additionally, users can check permission, detailed view, and visualize the specific user information from the /etc/shadow file.