How to display hashing algorithm on your Linux system for user authentication

Jean-Nicolas Boulay
1 min readMar 18, 2021

--

On some Linux distributions, you can use:

$ authconfig — test | grep hashing

But it doesn’t always work; here are some other ways to get the hashing algorithm:

From PAM (Linux Pluggable Authentication Modules):

$ cat /etc/pam.d/common-password | grep -i ^password | grep -v # | grep -i pam_unix.so | grep -i success | awk ‘END {print $NF}’

From the default parametres for user account creation (/etc/login.defs):

$ cat /etc/login.defs | grep ENCRYPT_METHOD | grep -v # | awk ‘{print $2}’

You can also see in the /etc/shadow file what type of hashing algorithm is used for a user’s password:

$ sudo cat /etc/shadow | grep root | awk -F “:” ‘{ print $2 }’ | awk -F “$” ‘{print $2}’

The number that is returned refers to one of these algorithms:

  • $1 = MD5 hashing algorithm
  • $2 = Blowfish algorithm is in use
  • $2a = Eksblowfish algorithm
  • $5 = SHA-256 algorithm
  • $6 = SHA-512 algorithm

Extra tip, if you want the name to be the same case you can pipe the return value with:

$ […] | tr ‘[:upper:]’ ‘[:lower:]’

— or —

$ […] | tr ‘[A-Z]’ ‘[a-z]’

--

--