Password Aging - Change Command

by Geethalakshmi 2009-12-15 19:39:46

Password Aging


The chage command changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change his/her password. The /etc/login.defs file defines the site-specific configuration for the shadow password suite including password aging configuration. To disable password aging, enter:

chage -M 99999 userName


To get password expiration information, enter:

chage -l userName


Finally, you can also edit the /etc/shadow file in the following fields:

{userName}:{password}:{lastpasswdchanged}:{Minimum_days}:{Maximum_days}:{Warn}:{Inactive}:{Expire}:


Where,

1. Minimum_days: The minimum number of days required between password changes i.e. the number of days left before the user is allowed to change his/her password.

2. Maximum_days: The maximum number of days the password is valid (after that user is forced to change his/her password).

3. Warn: The number of days before password is to expire that user is warned that his/her password must be changed.

4. Expire: Days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no longer be used.


I recommend chage command instead of editing the /etc/shadow by hand:

# chage -M 60 -m 7 -W 7 userName

Tagged in:

1107
like
0
dislike
0
mail
flag

You must LOGIN to add comments