I know that passwords are stored in /etc/shadow
However, during the login process, I'm assuming that Linux take your username and password as an argument, encrypt your password with the same algorithm and compare it to the one stored in the shadow.
My question is, where does this process take place? (the code) I tried to search the PAM but I couldn't find anything useful there either.
Best Answer
Within PAM, for a local password stored in
/etc/shadow
, the job of checking the password is performed by pam_unix.Under the hood, the verification is done by the
crypt
function. (Actually, in most cases, bycrypt_r
.) Note that despite the name, this function does not encrypt or decrypt the password, it hashes the password. The password field in/etc/shadow
contains parameters for the hashing as well as the actual hash value.The source code of the pam_unix module is part of Linux-PAM. The source code of the
crypt
function is part of the C library (Glibc).