The projection password used to open the group
grpconv command is used to enable the projection password of the group. User and group passwords in the Linux system are stored in the passwd and group files in the /etc
directory respectively. Because they are required for system operation, anyone can read them, causing a security breach. Projection password changes the password in the file to the shadow and gshadow files in the /etc
directory, allowing only the system administrator to read it, and replaces the original password with the "x" character. The function of projecting passwords can be turned on or off at any time. You only need to execute the grpconv command to turn on group projection passwords.
grpconv
Set cdy group password
groupmod --password 123456 cdy
cat /etc/group | grep cdy
cdy:123456:1000: # The password is 123456
Start shadow system
grpconv
cat /etc/group | grep cdy
cdy:x:1000: # It can be seen that the password segment has been replaced by x
cat /etc/gshadow | grep cdy
cdy:123456:: # Already moved to shadow file
Note: gshadow and shadow can only be viewed with root permissions.