3.3. Configuration files

3.3.1. The /etc/passwd and /etc/shadow files

The names of all the users on the system are kept in /etc/passwd. This file has the following structure:

  1. Login name

  2. Password (or x if using a shadow file)

  3. The UID

  4. The GID

  5. Text description for the user

  6. The user's home directory

  7. The user's shell

These 7 fields are separated by colons, as in the example below.

/etc/passwd entry with encrypted password:

george:$1$K05gMdDrW2sT.h:Dr G Micheal:/home/georges:/bin/bash

In order to hide the encrypted passwords from ordinary users you should use a shadow file. The /etc/shadow file then holds the user names and encrypted passwords and is readable only by root.

If you don't have a shadow file in /etc then you should issue the following command:

/usr/sbin/pwconv    # (passwd -> shadow)

This will leave an x in the 2nd field of /etc/passwd and create the /etc/shadow file. If you don't wish to use shadow passwords, you can revert to a single file using

/usr/sbin/pwunconv   # (shadow -> passwd)

Caution

When using a shadow password file, the /etc/passwd file may be world readable (644) and the /etc/shadow file must be more restricted (600 or even 400). However, when using pwunconv, the encrypted passwords are moved back into /etc/passwd, so make sure to change the permissions on /etc/passwd (600 or 400).
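
The check below is an added example, not part of the original page: a shell audit of a passwd-format file that reports entries without 7 fields and logins whose 2nd field still holds a hash, marked EXPOSED when the file is readable by group or other, which is the situation the Caution above describes. The function names and sample entries are constructed for illustration, except the george line, which is the page's example entry as printed.

```shell
#!/bin/sh
# Added example (not from the original page): audit a passwd(5)-format file.

# malformed FILE: print "LOGIN: N fields" for entries without exactly 7 fields.
malformed() {
    awk -F: 'NF != 7 { printf "%s: %d fields\n", $1, NF }' "$1"
}

# unshadowed FILE: print logins whose 2nd field holds a hash, i.e. anything
# other than the "x" placeholder, an empty field, or a bare "!"/"*" lock marker.
unshadowed() {
    awk -F: '$2 != "x" && $2 !~ /^[!*]*$/ { print $1 }' "$1"
}

# readable_by_others FILE: succeed if group or other has read permission.
readable_by_others() {
    [ -n "$(find "$1" -prune \( -perm -040 -o -perm -004 \) -print)" ]
}

# audit FILE: print one finding per line; no output means nothing to report.
audit() {
    malformed "$1" | sed 's/^/MALFORMED /'
    hashes=$(unshadowed "$1")
    if [ -n "$hashes" ]; then
        if readable_by_others "$1"; then state=EXPOSED; else state=RESTRICTED; fi
        for login in $hashes; do echo "$state hash in field 2: $login"; done
    fi
}

# demo MODE: run the audit on a constructed sample file with the given mode.
# The george line is the page's example entry; the others are constructed.
demo() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
root:x:0:0:root:/root:/bin/bash
george:$1$K05gMdDrW2sT.h:Dr G Micheal:/home/georges:/bin/bash
jade:$1$constructed$notARealHash:1001:1001:Jade:/home/jade:/bin/bash
eric:x:1002:1002:Eric:/home/eric:/bin/bash
EOF
    chmod "${1:-644}" "$f"   # 644 = world readable, 600 = owner only
    audit "$f"
    rm -f "$f"
}

demo 644
```

To audit a real system, run audit /etc/passwd as root; on a system converted with pwconv it should print nothing.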

3.3.2. The /etc/group and gshadow files

In the same way, information about groups is kept in /etc/group. This file has 4 fields separated by colons.

  1. Group name

  2. The group password (or x if gshadow file exists)

  3. The GID

  4. A comma separated list of members

Example /etc/group entry:

java:x:550:jade,eric,rufus

As for users, there is an /etc/gshadow file that is created when using shadow group passwords. The utilities used to switch back and forth between shadow and non-shadow files are as follows:

/usr/sbin/grpconv       # creates the /etc/gshadow file
/usr/sbin/grpunconv     # deletes the gshadow file

Note

The /etc/gshadow file has a field that can hold the name of the administrator of the group (added with the gpasswd -A command).

3.3.3. /etc/login.defs and /etc/skel/

The /etc/login.defs file and the /etc/skel directory are only consulted or used when a new user is added to a system.

  • The /etc/login.defs file contains the following information:

    MAIL_DIR

    the mail spool directory

    PASS_MAX_DAYS, PASS_MIN_DAYS

    password aging controls

    UID_MIN, UID_MAX

    min/max values for automatic UID selection in useradd

    GID_MIN, GID_MAX

    min/max values for automatic GID selection in groupadd

    CREATE_HOME

    automatically create a home directory with useradd

  • The /etc/skel directory contains default files that will be copied to the home directory of newly created users: .bashrc, .bash_profile, ...