Linux passwd command settings modify user password

1, passwd simple description;

We have learned how to addUser, so we also have to learn to set or modify the user's password; passwd commands are used a lot, we only choose the following several parameters to illustrate; For more information, please refer to man passwd or passwd--help;


passwd [OPTION ...]

passwd as a normal user and superuser can run, but as a normal user can only change their user password, but the premise is not locked by the root user, if the root user run passwd, you can set or modify any user's password;

The passwd command does not follow any parameters or user names, which means to modify the current user's password, see the following example;
[[email protected] ~]# passwd Note: No user, I am the root user to execute the passwd means to modify the root user's password;
Changing password for user root.
New UNIX Password: NOTE: Please enter the password;
Retype new UNIX Password: note: Verify the password;
Passwd:all authentication tokens updated successfully. Note: The root password is changed successfully;

If the ordinary user executes passwd can only modify their own password;

If you want to create a password for a new user after creating a new user, use the passwd user name, and note that you want to create it with the root user's permission;

[Email protected] ~]# passwd Beinan Note: Change or create a password for the Beinan user;
Changing password for user Beinan.
New UNIX Password: NOTE: Please enter the password;
Retype new UNIX Password: note: Enter again;
Passwd:all authentication tokens updated successfully. Note: success;

If the ordinary user wants to change their own password, run passwd directly, for example, the user of the current operation is Beinan;

[Email protected] ~]$ passwd
Changing password for user Beinan. Note: Change the password of the Beinan user;
(current) UNIX Password: NOTE: Please enter the current password;
New UNIX Password: NOTE: Please enter the password;
Retype new UNIX Password: note: confirm the password;
Passwd:all authentication tokens updated successfully. Note: The change was successful;


2, passwd a few more important parameters;

[Email protected] beinan]# passwd--help
USAGE:PASSWD [OPTION ...] <accountName>
-K,--keep-tokens keep non-expired authentication tokens
Note: Retention of expiring users can still be used after the expiry date;
-D,--delete delete the password for the named account (root only)
Note: Delete user password, only can operate with root permission;
-L,--lock lock the named account (root only)
Note: The locked user does not have the right to change his or her password, only through root permission;
-U,--unlock unlock the named account (root only)
Note: Unlock the lock;
-F,--force Force operation
Note: Force operation; Only the root permission is required to operate;
-X,--maximum=days Maximum password lifetime (root only) Note: two times the maximum number of password corrections, followed by the number; only root operation;
-N,--minimum=days Minimum password lifetime (root only) Note: two times the minimum number of password modifications, followed by numbers, only the root permission to operate;
-W,--warning=days number of days warning users receives before note: Remind the user to change the password at the distance of the day, only the root permission operation;
Password expiration (root only)
-I,--inactive=days number of days after password expiration if an note: After the password expires, the user is banned and can only be operated as root;
Account becomes disabled (root only)
-S,--status report password status in the named account (Root Note: Query the user's password status, only the root user can operate;
only)
--stdin read new tokens from stdin (root only)

For example, we let a user cannot change the password, you can use the-l parameter to lock:

[[email protected] ~]# passwd-l Beinan Note: Lock user Beinan cannot change password;
Locking password for user Beinan.
Passwd:success Note: The lock is successful;
[[email protected] ~]# su Beinan NOTE: Switch to Beinan user via su;
[[email protected] ~]$ passwd Note: Beinan to change the password;
Changing password for user Beinan.
changing password for Beinan
(current) UNIX Password: Note: Enter the current password for Beinan;
Passwd:authentication Token manipulation Error Note: Failed, cannot change password;


One more example:

[[email protected] ~]# passwd-d Beinan Note: Clear the Beinan user password;
Removing password for user Beinan.
Passwd:success Note: Clear success;
[[email protected] ~]# passwd-s Beinan Note: Query Beinan user password status;
Empty password. Note: Empty password, that is, no password;

Note: When we clear a user's password, login without password;


3, Chage to modify the user password validity period of the order;

Chage in syntax format:

Chage [-l] [-M minimum Days] [-M maximum Days] [-w warning] [-I expiration date] [-e Expiration Date] [-D last day] user

The front has been said much better, this is just a stroke of it, know that there is this command on the line, their practice and practice, the general and psswd some parameters of the use of almost;

Password Aging Command-----chage

Format: chage [< option;] < user name >
The following is a description of the options for the chage command:
-M Day: The minimum number of days the password can be changed. At zero, the password can be changed at any time.
-M Days: Specifies the maximum number of nights that the password is valid. When the number of days specified by the option plus the-d option is less than the current date, the user must change the password before using the account.
-D Day: Specifies the number of days that the password has been changed since January 1, 1970.
-I days: Specifies the number of hours that the account is inactive before the password expires. If the value is 0, the account will not be locked after the password expires.
-E Date: Specifies the date on which the account is locked. Date format YYYY-MM-DD. You can also use the number of days elapsed since January 1, 1970 If you do not have a date.
-W Day: Specifies the number of days to warn the user before the password expires.
-L: Lists the current password aging information for the specified user to determine when the account expires.
For example, the following command requires the user to be unable to change the password within two days, and the maximum lifetime of the password is 30 days, and the user is notified 5 days before the password expires user1
Chage-m 2-m 30-w 5 user1
You can use the following command to view the user User1 current password aging information: Chage-l user1
Tip: 1) You can use Chage < username > enter interactive mode to modify the user's password aging.
2) Changing the password is essentially modifying the shadow passwordThe value of the field in the file/etc/shadow that is associated with the password aging.

Linux passwd command settings modify user password