grpconv

The projection password used to open the group

Supplementary instructions

grpconv command is used to enable the projection password of the group. User and group passwords in the Linux system are stored in the passwd and group files in the /etc directory respectively. Because they are required for system operation, anyone can read them, causing a security breach. Projection password changes the password in the file to the shadow and gshadow files in the /etc directory, allowing only the system administrator to read it, and replaces the original password with the "x" character. The function of projecting passwords can be turned on or off at any time. You only need to execute the grpconv command to turn on group projection passwords.

grammar

grpconv

Example

Set cdy group password

groupmod --password 123456 cdy
cat /etc/group | grep cdy
cdy:123456:1000: # The password is 123456

Start shadow system

grpconv
cat /etc/group | grep cdy
cdy:x:1000: # It can be seen that the password segment has been replaced by x

cat /etc/gshadow | grep cdy
cdy:123456:: # Already moved to shadow file

Note: gshadow and shadow can only be viewed with root permissions.