Linux commands, system security-related commands--passwd

passwd command

The use of PASSWD commands is many, for beginners, the general is to modify or set the password, we can view its basic parameters through the passwd-h command.

1[Email protected]:~#passwd-h2Usage:passwd[Options] [LOGIN]3 4 Options:5-A,--All report password status on all accounts6-D,--delete delete the password forThe named account7-E,--expire force expire the password forThe named account8-H,--Help display this Help message and exit9-K,--keep-tokens change password onlyifExpiredTen-I.,--Inactive Inactive Set password inactive after expiration One To INACTIVE A-L,--lock Lock the password of the named account --N,--mindays min_days Set minimum number of days before password - Change to min_days the-Q,--Quiet Quiet mode --R,--repository repository change PasswordinchREPOSITORY REPOSITORY --S,--Status Report password status on the named account --U,--unlock unlock the password of the named account +-W, --warndays warn_days set expiration warning days to Warn_days --X,--maxdays max_days Set maximum number of days before password +Change to Max_days

passwd Parameters

Setting the Change Password

Both normal and root users can run the passwd command, but ordinary users can only change their user password, and the root user runs passwd to set or modify any user's password. Here is a demonstration of two examples.

Example 1,root user jbw password for normal User:

1 [email protected]:~# passwd jbw2 Enter new UNIX password:      <== input password (123) 3 Retype new UNIX password:      < = = Enter password again (123) 4 passwd    

* When the password is changed by the root user, the system will accept it even if it is relatively simple.

Example 2, the normal user JBW to modify their password:

1[Email protected]:~#suJBW2$passwd  3changing password forJBW.4(current) UNIX Password: <== The original password (123)5Enter new UNIX Password: <== Enter the password (12345)6Retype new UNIX Password: <== re-enter the password (12345)7 bad:new password is too simple8Enter new UNIX Password: <== Enter the password (qunar.6666)9Retype new UNIX Password: <== re-enter the password (qunar.6666)Ten passwd: Password updated successfully

*PASSWD No Add account, it means to change the password of their account

* Unlike the root user, the general account must first enter the old password when changing the password

* General user settings password is strict, password is too short, too simple or the same as the account name will be refused to modify (in order to ensure the security of the password)

　　

Modify Password parameters

The following example describes how to change the parameters of the password

Example 3, manage the account JBW, make it change password within 3 days after the non-change password, 30 days must change password, password expiration warning date is 5 days, and password expires after 10 days expire:

1[Email protected]u:~#passwd-S JBW2JBW P -/ +/ - 0 99999 7-13[Email protected]:~#passwd-N3-X --W 5-I.TenJBW4 passwd: Password expiry information changed.5[Email protected]:~#passwd-S JBW6JBW P -/ +/ - 3  - 5 Ten7[Email protected]:~#

* Initial passwd-s parameter explanation

07/19/2015: Password New Time
0: The minimum number of days after password change can be changed (0 means can be modified at any time), modified with the-n parameter
99999: Password changes within 99,999 days need to change the password again, with the-X parameter modification
7: Password expiration warning number of days is 7 days (the system will warn the user within 7 days before password expires), modified with the-W parameter
-1: Account Expiration Date (-1 means never expire), modified with-I parameter

Invalidate the Account

　　Sometimes we may need to let an account temporarily unable to log in to the host, then we just use the passwd-l parameter is ok (Restore the original with-u parameter)

Example 5, make the account JBW invalid, check it out and then restore it to the original state:

1[Email protected]:~#passwd-S JBW2JBW P -/ +/ - 3  - 5 <== p indicates that the account can be used normally3[Email protected]:~#passwd-L JBW4 passwd: Password expiry information changed.5[Email protected]:~#passwd-S JBW6JBW L -/ +/ - 3  - 5 <== L Indicates the account is locked and the account will not be logged in7[Email protected]:~#passwd-u JBW8 passwd: Password expiry information changed.9[Email protected]:~#passwd-S JBWTenJBW P -/ +/ - 3  - 5 <== L becomes p, the account is restored again

Linux commands, system security-related commands--passwd