pwdhist File
Purpose
Contains password history information.
Description
The /etc/security/pwdhist.dir and /etc/security/pwdhist.pag files are database files created and maintained by Database Manager (DBM) subroutines. The files maintain a list of previous user passwords.
The pwdhist files store information by user name. User names are the keys of the DBM subroutines. The content associated with each key is that user's password list, which contains multiple pairs of a lastupdate value and an encrypted, null-terminated password. The lastupdate value is a 4-byte, unsigned long. The encrypted password is the size of the PW_CRYPTLEN value. Thus, an entry in the database file is of the following format:
lastupdatepasswordlastupdatepasswordlastupdatepassword...
The password list is in descending chronological order, with the most recent password appearing first in the list.
To retrieve a user's password history, use the dbm_fetch subroutine. To delete a user's password history, use the dbm_delete subroutine.
Security
Access Control: The files grant read and write access only to the root user.
Examples
If user sally has the following previous passwords:
password = 6PugcayXL.1Rw ;
lastupdate = 737161212
password = r5MZvr69mGeLE ;
lastupdate = 746458629
the dbm_fetch subroutine returns the following entry for the key sally:
XXXXr5MZvr69mGeLEXXXX6PugcayXL.1Rw
where XXXX would be four bytes that can be copied into an unsigned long to get the last update time.
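The entry layout described above can be decoded with a bounds-checked parser, for example when auditing password-reuse history from a root-only copy of the database. The following C code is an added example, not part of the original documentation or of AIX. The names pwdhist_parse, struct pwdhist_rec and MAXPW, the 14-byte password field width and the big-endian byte order are assumptions, because the page does not give the PW_CRYPTLEN value or the byte order.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAXPW 256   /* upper bound for this example, not an AIX constant */

struct pwdhist_rec {
    uint32_t lastupdate;      /* time of the password change */
    char     password[MAXPW]; /* encrypted password, NUL-terminated */
};

/* Constructed sample: sally's entry from the Examples section, laid out with
 * an assumed 14-byte password field (13 characters plus the NUL). */
static const unsigned char SAMPLE[] = {
    0x2C,0x7E,0x0E,0x05, 'r','5','M','Z','v','r','6','9','m','G','e','L','E',0,
    0x2B,0xF0,0x2F,0xFC, '6','P','u','g','c','a','y','X','L','.','1','R','w',0 };

/* Parse the content returned for one key. pwlen is the password field width
 * (PW_CRYPTLEN on the real system; the caller supplies it here).
 * Returns the number of records stored in out, or -1 if the entry is malformed. */
int pwdhist_parse(const unsigned char *buf, size_t len, size_t pwlen,
                  struct pwdhist_rec *out, int max)
{
    size_t rec = 4 + pwlen;
    int n = 0;

    if (pwlen == 0 || pwlen > MAXPW || len % rec != 0)
        return -1;                        /* truncated or wrong field width */
    for (size_t off = 0; off < len && n < max; off += rec, n++) {
        const unsigned char *p = buf + off;
        if (memchr(p + 4, '\0', pwlen) == NULL)
            return -1;                    /* password not NUL-terminated */
        /* Assemble 4 bytes explicitly: unsigned long is 8 bytes on LP64. */
        out[n].lastupdate = (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 |
                            (uint32_t)p[2] << 8  | (uint32_t)p[3];
        memcpy(out[n].password, p + 4, pwlen);
        if (n > 0 && out[n].lastupdate > out[n - 1].lastupdate)
            return -1;                    /* list must be newest first */
    }
    return n;
}

int main(void)
{
    struct pwdhist_rec r[8];
    int n = pwdhist_parse(SAMPLE, sizeof SAMPLE, 14, r, 8);
    for (int i = 0; i < n; i++)
        printf("%lu %s\n", (unsigned long)r[i].lastupdate, r[i].password);
    return n < 0;
}
```

The parser rejects an entry whose length is not a whole number of records, whose password field lacks a terminator, or whose timestamps are not in descending order, so a corrupted or mismatched entry is reported instead of being read past its end.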