16 June, 2013

Linux Password Aging Policy

Changing user passwords on a regular basis is a best practice. Most users and developers on a Linux system are not in the habit of changing their passwords unless they are reminded or forced to, so enforcing password changes is the responsibility of system administrators. This article shows how to use the Linux "chage" command to manage a password aging policy.

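The "chage" command is provided by the shadow-utils package, which is normally present on a default installation. If it is missing, install it as shown below:

[root@linuxguideco /]# yum install shadow-utils
    chage will be installed.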

In this article we will describe the "chage" command usage with examples.

Following is the syntax for the 'chage' command.
[root@linuxguideco /]# chage [options] user

Following are the commonly used "chage" command options:

-m    specifies the minimum number of days between password changes. The password doesn't expire if the value is 0 (zero).
-M    specifies the maximum number of days the password is valid.
-d    sets the number of days since February 3, 1973 the password was changed.
-I    specifies the number of inactive days after the password expiration before locking the account.
-E    expires the account on the specified date (YYYY-MM-DD format).
-W    specifies the number of days before the password expiry date to warn the user.

To show a user's password aging information, use the -l option (here for user asiface):

[root@linuxguideco /]# chage -l asiface

Last password change                                                 : May 25, 2013
Password expires                                                        : never
Password inactive                                                        : never
Account expires                                                          : never
Minimum number of days between password change      : 0
Maximum number of days between password change     : 99999
Number of days of warning before password expires        : 7
[root@linuxguideco /]#

Set the account expiration date for user asiface with -E. The valid date format is YYYY-MM-DD or MM/DD/YYYY.

[root@linuxguideco /]# chage -E 06/15/2013 asiface

[root@linuxguideco /]# chage -l asiface
Last password change                                                 : May 25, 2013
Password expires                                                        : never
Password inactive                                                        : never
Account expires                                                          : Jun 15, 2013
Minimum number of days between password change      : 0
Maximum number of days between password change     : 99999
Number of days of warning before password expires        : 7
[root@linuxguideco /]#

Remove the account's expiration date by passing -1 to -E.

[root@linuxguideco /]# chage -E -1 asiface

[root@linuxguideco /]# chage -l asiface
Last password change                                                 : May 25, 2013
Password expires                                                        : never
Password inactive                                                        : never
Account expires                                                          : never
Minimum number of days between password change      : 0
Maximum number of days between password change     : 99999
Number of days of warning before password expires        : 7

Specify the number of days before the password expires that the user is warned to change it.

[root@linuxguideco /]# chage -W 8 asiface

[root@linuxguideco /]# chage -l asiface
Last password change                                                 : May 25, 2013
Password expires                                                        : never
Password inactive                                                        : never
Account expires                                                          : never
Minimum number of days between password change      : 0
Maximum number of days between password change     : 99999
Number of days of warning before password expires        : 8

Specify the minimum number of days between password changes. (Calculated from the date when the password was last changed.)

[root@linuxguideco /]# chage -m 12 asiface

[root@linuxguideco /]# chage -l asiface
Last password change                                                 : May 25, 2013
Password expires                                                        : never
Password inactive                                                        : never
Account expires                                                          : never
Minimum number of days between password change      : 12
Maximum number of days between password change     : 99999
Number of days of warning before password expires        : 8

Set the maximum number of days the password is valid, after which it must be changed.

[root@linuxguideco /]# chage -M 30 asiface

[root@linuxguideco /]# chage -l asiface
Last password change                                                 : May 25, 2013
Password expires                                                        : Jun 24, 2013
Password inactive                                                        : never
Account expires                                                          : never
Minimum number of days between password change      : 12
Maximum number of days between password change     : 30
Number of days of warning before password expires        : 8

Specify the number of inactive days after the password expires before the account is locked.

[root@linuxguideco /]# chage -I 22 asiface

[root@linuxguideco /]# chage -l asiface
Last password change                                                 : May 25, 2013
Password expires                                                        : Jun 24, 2013
Password inactive                                                        : Jul 16, 2013
Account expires                                                          : never
Minimum number of days between password change      : 12
Maximum number of days between password change     : 30
Number of days of warning before password expires        : 8

To apply all of a user's password aging settings in a single command, use the command shown below.

[root@linuxguideco /]# chage -E 06/15/2013 -W 8 -m 12 -M 30 -I 22 asiface

[root@linuxguideco /]# chage -l asiface
Last password change                                                  : May 25, 2013
Password expires                                                         : Jun 24, 2013
Password inactive                                                         : Jul 16, 2013
Account expires                                                           : Jun 15, 2013
Minimum number of days between password change       : 12
Maximum number of days between password change      : 30
Number of days of warning before password expires        : 8

Password aging can also be disabled in a single command, as shown below.

[root@linuxguideco /]# chage -E -1 -W 7 -M 99999 -m 0 -I -1 asiface

[root@linuxguideco /]# chage -l asiface
Last password change                                                 : May 25, 2013
Password expires                                                        : never
Password inactive                                                        : never
Account expires                                                          : never
Minimum number of days between password change      : 0
Maximum number of days between password change     : 99999
Number of days of warning before password expires        : 7

To force a user to change the password at first login, use the command shown below:

[root@linuxguideco /]# chage -d 0 asiface

[root@linuxguideco /]# chage -l asiface
Last password change                                                  : password must be changed
Password expires                                                         : never
Password inactive                                                         : never
Account expires                                                           : never
Minimum number of days between password change       : 0
Maximum number of days between password change      : 99999
Number of days of warning before password expires        : 7

When the user attempts to log in, the following message appears:
you are required to change your password immediately (root enforced)
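
The values set with chage are stored in the colon-separated fields of /etc/shadow, so the same policy can be audited across many accounts at once. The script below is an added example, not part of the original article: it reads shadow(5)-format records and reports the expiry dates and policy gaps that "chage -l" shows per user. The accounts builder and newhire, the hashes, and the policy thresholds (maximum 90 days, warning of at least 7 days) are constructed assumptions.

```shell
#!/bin/sh
# Report password aging state from shadow(5)-format records.
# Fields: name:hash:lastchg:min:max:warn:inactive:expire
#         (set by chage -d, -m, -M, -W, -I, -E; day values count from 1970-01-01)

# Constructed sample records (not real accounts or hashes); 15850 = May 25, 2013.
SAMPLE='asiface:$6$constructed$hash:15850:0:99999:7:::
builder:$6$constructed$hash:15850:12:30:8:22::
newhire:$6$constructed$hash:0:0:99999:7:::
daemon:*:15850:0:99999:7:::'

# audit_aging MAX_DAYS MIN_WARN_DAYS   (records on stdin)
# Prints one "user finding" line per observation for accounts with a usable hash.
audit_aging() {
    awk -F: -v maxpol="$1" -v warnpol="$2" '
    # Days since 1970-01-01 -> YYYY-MM-DD (proleptic Gregorian arithmetic).
    function ymd(z,   era, doe, yoe, doy, mp, y, m, d) {
        z += 719468
        era = int(z / 146097)
        doe = z - era * 146097
        yoe = int((doe - int(doe/1460) + int(doe/36524) - int(doe/146096)) / 365)
        doy = doe - (365*yoe + int(yoe/4) - int(yoe/100))
        mp  = int((5*doy + 2) / 153)
        d   = doy - int((153*mp + 2) / 5) + 1
        m   = (mp < 10) ? mp + 3 : mp - 9
        y   = yoe + era*400 + (m <= 2 ? 1 : 0)
        return sprintf("%04d-%02d-%02d", y, m, d)
    }
    $2 ~ /^[*!]/ { next }                       # locked or no login password
    $3 == "0"    { print $1, "must-change-at-next-login"; next }   # chage -d 0
    {
        if ($5 == "" || $5 + 0 > maxpol + 0) {
            print $1, "max-age-exceeds-policy:" $5
        } else {
            pexp = $3 + $5                      # lastchg + max days
            print $1, "password-expires:" ymd(pexp)
            if ($7 != "") print $1, "password-inactive:" ymd(pexp + $7)
        }
        if ($6 == "" || $6 + 0 < warnpol + 0) print $1, "warning-below-policy:" $6
    }'
}

# Run against the constructed sample with an assumed policy: max 90 days, warn >= 7.
printf '%s\n' "$SAMPLE" | audit_aging 90 7
```

On a real system the records would come from "getent shadow" run as root instead of the sample variable.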

To learn more about how the chage command is used in Linux, type 'man chage' to view the detailed manual.