passwd - Password files
A passwd file is a file consisting of records separated by newline charac-
ters, one record per user, containing seven colon (:) separated fields.
These fields are as follows:
name User's login name. The default length is 8 characters.
password User's encrypted password.
uid User's ID
gid User's login group ID
gecos General information about the user
home_dir User's home directory
shell User's login shell
The name field is the login used to access the computer account, and the
uid field is the number associated with it. They should both be unique
across the system (and often across a group of systems) since they control
While it is possible to have multiple entries with identical login names
and/or identical user gid's, it is usually a mistake to do so. Routines
that manipulate these files will often return only one of the multiple
entries, and that one by random selection.
The login name must never begin with a hyphen (-); also, it is strongly
suggested that neither uppercase characters or dots (.) be part of the
name, as this tends to confuse mailers. No field may contain a colon (:)
as this has been used historically to separate the fields in the user data-
The password field is the encrypted form of the password. If the password
field is empty, no password is required to gain access to the machine.
Because these files contain the encrypted user passwords, they should not
be readable by anyone without appropriate privileges.
Use the vipw command to edit password entries. This ensures that the
hashed password database is rebuilt.
If you have enhanced security installed on your system, the pass-
word field contains an asterisk (*). The encrypted password is
stored in the user's protected password database.
The gid field is the group that the user will be placed in upon login.
Since the operating system supports multiple groups (see the groups com-
mand) this field currently has little special meaning.
The gecos field normally contains comma (,) separated subfields as follows:
name User's full name
office User's office number
wphone User's work phone number
hphone User's home phone number
This information is used by the finger command.
The user's home directory is the full UNIX pathname where the user will be
placed on login.
The shell field is the command interpreter the user prefers. If the shell
field is empty, the Bourne shell (/bin/sh) is assumed.
The allowable values for the UID are unsigned numbers from 0 to 65535.
The command pwck can be used to verify the accuracy of data entered in the
root:TZVtfX5VbS3KY:0:1:System PRIVILEGED Account,,,:/:/bin/sh
operator:HdgoklKwZOlvU:25:28:System PRIVILEGED Account,,,:/etc/operator:
guest:Nologin:-2:-2:anonymous NFS user:/:/bin/date
Commands: login(1), passwd(1), pwck(8), vipw(8)