Let’s take, from /etc/shadow file:
From the above shown example entry, our topic of interest is the second field(the field with the encoded hash of the password).
1. The first field is a numerical number that tell’s you the hashing algorithm that’s being used.
- $1=MD5 hashing Algorithm
- $2=Blowfish Algorithm
- $2a=eksblowfish Algorithm
- $5=SHA-256 Algorithm
- $6=SHA-512 Algorithm
2. The second field is the salt value
Salt value is nothing but a random data that’s generated to combine with the original password, inorder to increase the strength of the hash..
3.The last field is the hash value of salt+user password.
So in our example entry of root, as shown below:
The above shown encoded password is using SHA-512 hashing algorithm (because the of $6$)