Linux under passwd user settings and modify password

For system security reasons, each user in a Linux system has a user password in addition to its user name. Therefore, when using the Useradd command, you also need to use the passwd command to set the password for each newly added user, and users can change their passwords at any time with the passwd command.

The general format for this command is: passwd [username] where the user name is the user who needs to modify the password. Only Superuser can use "passwd username" to modify other user's password, ordinary users can only use passwd command without parameters to modify their password

PASSWD syntax Structure:

First of all, we must know that "man" is very responsible for the words, so there is something to find "man." Let's see what "man" says about this passwd. Well, this command is not in the Man Handbook's Chinese bag, so it's a familiar English. Oh.

NAME
Passwd–update A user ' s authentication tokens (s)

Synopsis
passwd [-K] [-l] [-u [-f]] [-d] [-N mindays] [-X Maxdays] [-W warndays] [-I inactivedays] [-s]
[--stdin] [Username]

Talking about passwd parameters:

passwd command also has these many parameters, the last user name Needless to say, the following pick some of the main to introduce one or two, are found on the Internet, but according to my simple translation should be this kind of drip.

Main parameters

-L: Locks the name of the account that is already named, only available to users who have superuser privileges.

-U: Unlock account lockout status, only users who have Superuser privileges can use it.

-X,--maximum=days: Maximum password usage time (days), only used by users with superuser privileges.

-N,--minimum=days: Minimum password usage time (days), only used by users with superuser privileges.

-D: Deletes the user's password, which is available only to users who have superuser privileges.

-S: Check the type of password authentication for the specified user, only users who have Superuser privileges can use it.

passwd usage Rules:

As we all know, in Linux, "root" account is absolutely a big boss, it has the supremacy of power. Oh. Also yesterday we saw that the new account is created by root authority, then do not have to say, if the user's password is missing, you can let root to help modify the password, and root does not need to know your original password. In addition, only root can set the password arbitrarily, even if the password does not conform to the system's password requirements.

In addition, users can change their passwords, then passwd is not followed by the user name. However, ordinary users must abide by certain rules, the rule file to create passwords is:/ETC/PAM.D/PASSWD, which set some rules for setting up Linux user passwords.

In general, enter the password as much as possible to meet the following requirements:

• Password cannot be the same as account name
• Password as far as possible not to use English words this dictionary will appear in the string
• Password requires more than 8 characters

The password should have at least six digits (preferably eight-bit) characters;

The password should be a mixture of uppercase and lowercase letters, punctuation marks, and numbers.

passwd Use Example:

Kothe, I set the password for a few spam accounts I created yesterday. Oh.

[CC lang= ' bash ']
# ROOT to create a password, do not adhere to what the rules, direct change can
[Simaopig@xiaoxiaozi pam.d]$ su
Password:
[Root@xiaoxiaozi pam.d]# passwd Chongpig
Change the password for the user chongpig.
New Password:
Re-enter the new password:
Invalid password: It is based on dictionary words
Invalid Password: too simple
PASSWD: All authentication tokens have been successfully updated.
[Root@xiaoxiaozi pam.d]# passwd Chongpig
Change the password for the user chongpig.
New Password:
Re-enter the new password:
Invalid password: It is based on dictionary words
Invalid Password: too simple
PASSWD: All authentication tokens have been successfully updated.
[Root@xiaoxiaozi pam.d]# grep Chongpig/etc/shadow
chongpig:$6$mvu5nbao$4hznf92n3ryaidfvk2q5ytixfjrvxvyhausgeuawfablr5wiuqdn/2hccshwkrorpxglcj.wa.1qlgg.rxuhw/ : 14447:0:99999:7::
[/CC]

Although tell me the password is too simple, although told me that the password is based on the word, but what are we afraid of? I am root, change, listed can be looked at, now Chongpig account is already can use password login, its password bar in the/etc/shadow also has a value, and no longer!!

[CC lang= ' bash ']
# Change Current user password, not roto account
[Simaopig@xiaoxiaozi ~]$ passwd
Change the password for the user simaopig.
Change the STRESS password for Simaopig.
(current) UNIX password:
New Password:
Re-enter the new password:
Password not changed
Password not changed
Password not changed
Password:
PASSWD: Maximum number of service retries exceeded

[Simaopig@xiaoxiaozi ~]$ passwd
Change the password for the user simaopig.
Change the STRESS password for Simaopig.
(current) UNIX password:
New Password:
Re-enter the new password:
Invalid password: Too similar to old password
Invalid password: Too similar to old password
Invalid password: Too similar to old password
Password:
PASSWD: Maximum number of service retries exceeded

[Simaopig@xiaoxiaozi ~]$ passwd
Change the password for the user simaopig.
Change the STRESS password for Simaopig.
(current) UNIX password:
New Password:
Re-enter the new password:
PASSWD: All authentication tokens have been successfully updated.
[/CC]

See See, ordinary user treatment is not the same, there are all kinds of restrictions, trouble ah. But I'd better change my own password, nothing old trouble root Oh.

The process by which a superuser modifies the password of another user (XXQ) is as follows,

code is as follows	copy code
# passwd Root New Unix password:  Retype new Unix password:  Passwd:all authentication tokens Updat Ed successfully #