Shulou(Shulou.com)06/01 Report--

This article will explain in detail how to change the user password in the Linux system. The content of the article is of high quality, so the editor will share it for you as a reference. I hope you will have a certain understanding of the relevant knowledge after reading this article.

1. Passwd brief description

We have learned how to add users, so we also need to learn to set or change the user's password; there are also many uses of the passwd command, we only choose the following parameters to explain; for more information, please refer to man passwd or passwd-- help

The code is as follows:

Passwd [OPTION...]

Passwd can run as both an ordinary user and a super user, but as an ordinary user can only change their own user password, but only if it is not locked by the root user. If the root user runs passwd, you can set or modify the password of any user.

If the passwd command is not followed by any parameter or user name, it means to change the password of the current user; see the following example

The code is as follows:

[root@localhost ~] # passwd

Note: without adding any users, I use the passwd executed by the root user to change the password of the root user; there are also hints below

Changing password for user root.

New UNIX password: please enter a new password

Retype new UNIX password: note: verify the new password

Passwd: all authentication tokens updated successfully. Note: the root password was modified successfully

If an ordinary user executes passwd, he can only change his own password.

If you want to create a password for a new user after creating a new user, use the passwd user name, and be careful to create it with the privileges of the root user

The code is as follows:

[root@localhost ~] # passwd beinan

Note: change or create the password of the beinan user

Changing password for user beinan.

New UNIX password: please enter a new password

Retype new UNIX password: note: enter again

Passwd: all authentication tokens updated successfully. Note: successful

Ordinary users can run passwd directly if they want to change their passwords. For example, the current user is beinan.

The code is as follows:

[beinan@localhost ~] $passwd

Changing password for user beinan. Note: change the password of the beinan user

(current) UNIX password: please enter your current password

New UNIX password: please enter a new password

Retype new UNIX password: note: confirm the new password

Passwd: all authentication tokens updated successfully. Note: the change was successful

2. Several important parameters of passwd

The code is as follows:

[root@localhost beinan] # passwd-- help

Usage: passwd [OPTION...]

-k,-- keep-tokens keep non-expired authentication tokens

Note: users who are about to expire can still use it after the expiration of the period.

-d,-- delete delete the password for the named account (root only)

Note: delete user password. You can only operate with root permission.

-l,-- lock lock the named account (root only)

Note: locked users do not have the right to change their passwords, but can only operate through root permissions

-u,-- unlock unlock the named account (root only)

Note: unlock

-f,-- force force operation

Note: mandatory operation; only root permission can operate.

-x,-- maximum=DAYS maximum password lifetime (root only) Note: the maximum number of days for two password corrections, followed by a number; can only be operated with root permissions

-n,-- minimum=DAYS minimum password lifetime (root only) Note: the minimum number of days for two password changes, followed by a number, can only be operated with root permission

-w,-- warning=DAYS number of days warning users receives before Note: remind the user to change the password in how many days; only root permission is allowed.

Password expiration (root only)

-I,-- inactive=DAYS number of days after password expiration when an Note: how many days after the password expires, the user is banned and can only operate with root

Account becomes disabled (root only)

-S,-- status report password status on the named account (root Note: query the password status of users. Only root users can operate.

Only)

-- stdin read new tokens from stdin (root only)

For example, if we prevent a user from changing the password, we can use the-l parameter to lock it:

The code is as follows:

[root@localhost ~] # passwd-l beinan

Note: locked user beinan cannot change password

Locking password for user beinan.

Passwd: Success Note: locked successfully

[beinan@localhost ~] # su beinan Note: switch to beinan users via su

[beinan@localhost ~] $passwd Note: beinan to change the password

Changing password for user beinan.

Changing password for beinan

(current) UNIX password: note: enter the current password of beinan

Passwd: Authentication token manipulation error Note: failed, password cannot be changed

Let's take another example:

The code is as follows:

[root@localhost] # passwd-d beinan

Note: clear beinan user password

Removing password for user beinan.

Passwd: Success Note: cleared successfully

The code is as follows:

[root@localhost] # passwd-S beinan

Note: query the password status of beinan users

Empty password. Note: empty password, that is, no password

Note: when we clear a user's password, we don't need a password to log in; note that

3. Chage command to modify the validity period of a user's password

Chage is in grammatical format:

Chage [- l] [- m minimum days] [- M maximum days] [- W warning] [- I expiration date] [- E expiration date] [- d last day] user

What has been said before is much better, this is just a passing pass, just know that there is this command, and put it into practice, it is generally similar to the use of some parameters of psswd.

Cipher code aging command-chage

Format: chage []

The following is a list of option descriptions for the chage command:

-m days: the minimum number of days that the password can be changed. 00:00 means you can change the password at any time.

-M days: specifies the maximum number of days the password is valid. When the number of days specified by this option plus the number of days specified by the-d option is less than the current date, the user must change the password before using the account.

-d days: specifies the number of days that the password has been changed since January 1, 1970.

-I days: specifies the number of days after the password expires before the account is locked. If the value is 0, the account will not be locked after the password expires.

-E date: specifies the date when the account is locked. Date format YYYY-MM-DD. If you do not use a date, you can also use the number of days that have elapsed since January 1, 1970.

-W days: specifies the number of days to warn the user before the password expires.

-l: lists the current password expiration information of the specified user to determine when the account expires.

For example, the following command requires the user user1 not to change the password for two days, and the longest survival period of the password is 30 days, and notify the user 5 days before the password expires

Chage-m 2-M 30-W 5 user1

You can use the following command to view the current password expiration information of user user1: chage-l user1

Tip: 1) you can use chage to enter interactive mode to modify the password aging of the user.

2) modifying the password is essentially changing the value of the password aging-related field in the shadow password file / etc/shadow.

Force the user to change the password the next time he logs in

Each Linux user is associated with this different password-related configuration and information. For example, record the date of the last password change, the minimum / maximum number of days to change the password, when the password expired, and so on.

A command line tool called chage can access and adjust password expiration-related configurations. You can use this tool to force users to change their passwords the next time they log in.

To see the expired information for a specific user (for example: alice), run the following command. Note that root permission is required to view the password information of any user except yourself.

The code is as follows:

$sudo chage-l alice

Force the user to change the password

If you want to force the user to change his / her password, use the following command.

The code is as follows:

$sudo chage-d0

The original "- d" parameter is used to set the "age" of the password (that is, the number of days since the last password was changed to 1970-1-1). So "- d0" means that the last password was changed on 1970-1-1, which makes the current password expire and forces him to change the password the next time he logs in.

Another way to expire the current password is to use the passwd command.

The code is as follows:

$sudo passwd-e

The above command has the same effect as "chage-d0", allowing the current user's password to expire immediately.

Now check the user's information and you will find:

When you log in again, you will be asked to change your password. You will be asked to verify the current password again before changing it.

About how to change the user password in the Linux system to share here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.