GCIH · Question #710
Where would salted hashes be found on a Linux machine?
The correct answer is D. /etc/shadow. On Linux systems, salted password hashes are stored in /etc/shadow, a file with restricted permissions accessible only by root.
Question
Where would salted hashes be found on a Linux machine?
Options
- AIn the LSASS process
- B%SYSTEMROOT%\ntds.dit
- C/etc/passwd
- D/etc/shadow
How the community answered
(53 responses)- A8% (4)
- B4% (2)
- C2% (1)
- D87% (46)
Why each option
On Linux systems, salted password hashes are stored in /etc/shadow, a file with restricted permissions accessible only by root.
LSASS (Local Security Authority Subsystem Service) is a Windows process responsible for credential management - it does not exist on Linux systems.
%SYSTEMROOT%\ntds.dit is the Active Directory Domain Services database found on Windows Domain Controllers and has no equivalent or presence on Linux.
/etc/passwd historically stored password hashes but modern Linux distributions store only an 'x' placeholder there, with the actual hashes relocated to /etc/shadow for security.
The /etc/shadow file stores salted, hashed passwords for all local Linux user accounts along with password aging metadata. Unlike /etc/passwd, which is world-readable, /etc/shadow is restricted to root access only, providing a security boundary around the stored credential hashes. The salt is included as part of the stored hash string in modular crypt format.
Concept tested: Linux salted password hash storage location
Source: https://man7.org/linux/man-pages/man5/shadow.5.html
Topics
Community Discussion
No community discussion yet for this question.