Password Hashes

System shadow Password Hashes in CentOS Linux

Users on a CentOS Linux system are located in the /etc/passwd file. The password hash for users defined in /etc/passwd are stored in /etc/shadow. If you run the passwd command as a user, the password hash in /etc/shadow will be updated to reflect the new password. Sometimes it can be useful to manually generate a shadow password hash, like if you want to setup passwords for users on multiple systems, but don’t want to set a default and ask them to change it, you can have them generate a hash with the following command and apply it for them across the environment. This is especially useful as the use of configuration management tools like puppet continues to grow.

Generate a shadow password hash in CentOS
We are going to use openssl to create the hash.

openssl passwd -1 password

Install openssl
If openssl isn’t installed on your system and you get the following when trying to run openssl, install it with yum.

centhowto~# openssl
-bash: openssl: command not found
yum -y install openssl

SH1 Password Hashes in CentOS Linux

Sometimes you might need to generate an SH1 hash, for example if you’re manually updating your password in racktables, the SH1 password hash is what is in the MySQL table.

Generate an SH1 password hash in CentOS with the following command:

echo -n password | sha1sum | awk '{print $1}'