Difference between revisions of "Linux-for-Sys-Ads/C2/User-Password-Management/English"
From Script | Spoken-Tutorial
Pravin1389 (Talk | contribs) (Created page with ".") |
Pravin1389 (Talk | contribs) |
||
| Line 1: | Line 1: | ||
| − | . | + | '''Title of script: User''' '''Password management''' |
| + | |||
| + | '''Author: Antara Roy Choudhury''' | ||
| + | |||
| + | '''Keywords: passwd, change, Changing user password, Locking and unlocking password, Password removal, Password expiry''' | ||
| + | |||
| + | |||
| + | |||
| + | {| border=1 | ||
| + | |- | ||
| + | || '''Visual Cue''' | ||
| + | || '''Narration''' | ||
| + | |- | ||
| + | || Slide 1: Introduction | ||
| + | || Hello and welcome to the spoken tutorial on '''User''' '''Password Management '''in''' Linux.''' | ||
| + | |- | ||
| + | || Slide 2: Learning Objectives | ||
| + | || In this tutorial we will learn about | ||
| + | |||
| + | * Changing''' user password''' | ||
| + | * Locking and unlocking a '''password''' | ||
| + | * '''Password '''removal | ||
| + | * Changing the '''password '''expiry information | ||
| + | |||
| + | We will do this through some examples. | ||
| + | |- | ||
| + | || Slide 3: System requirement | ||
| + | || To record this tutorial, I am using '''Ubuntu Linux 16.04 OS''' | ||
| + | |- | ||
| + | || Slide:4 Prerequisite | ||
| + | || To practice this tutorial, | ||
| + | |||
| + | * you should have gone through earlier '''Linux System Administration '''tutorials''' '''on this website and | ||
| + | * you must have '''root access''' to your computer. | ||
| + | |||
| + | |- | ||
| + | || Slide 5A | ||
| + | || In this tutorial we will learn about '''passwd command'''. | ||
| + | |||
| + | * As the name suggests, '''passwd command''' is used to change the '''password''' of '''users'''. | ||
| + | * Earlier in the series, we had created a '''user amit.''' | ||
| + | * Now suppose he forgot his '''password.''' | ||
| + | * So as a '''system administrator''', you have to reset his '''password'''. | ||
| + | |||
| + | Let’s learn how to do this. | ||
| + | |- | ||
| + | || Press Ctrl+Alt+T | ||
| + | || Open the '''Terminal '''by pressing '''Ctrl, Alt and T '''keys simultaneously on the keyboard. | ||
| + | |- | ||
| + | || Type | ||
| + | |||
| + | sudo su | ||
| + | |||
| + | [Enter] | ||
| + | || First, we should login as the '''superuser '''or '''root user'''. | ||
| + | |||
| + | To do so type: '''sudo space su ''' | ||
| + | |||
| + | And press '''Enter.''' | ||
| + | |- | ||
| + | || Type | ||
| + | |||
| + | Password of your account | ||
| + | |||
| + | [Enter] | ||
| + | || Type our '''password '''and then press '''Enter'''. | ||
| + | |- | ||
| + | || Highlight # prompt | ||
| + | || Notice, our '''login prompt '''has changed to''' '''a '''hash''' symbol. | ||
| + | |||
| + | This indicates that we are in the '''root user '''mode. | ||
| + | |- | ||
| + | || Only narration | ||
| + | || Here onwards, please remember to press the '''Enter''' key after typing each '''command'''. | ||
| + | |- | ||
| + | || Type: | ||
| + | |||
| + | passwd amit | ||
| + | |||
| + | [Enter] | ||
| + | || On the '''terminal '''type '''passwd space amit ''' | ||
| + | |- | ||
| + | || Type '''new_pass''' | ||
| + | |||
| + | [Enter] | ||
| + | |||
| + | Re-type '''new_pass''' | ||
| + | |||
| + | [Enter] | ||
| + | || It will ask you to type a new '''password'''. | ||
| + | |||
| + | Type the new '''password''', | ||
| + | |||
| + | say '''new_pass''' and press '''Enter.''' | ||
| + | |||
| + | Retype the same '''password''' and press '''Enter '''again. | ||
| + | |- | ||
| + | || | ||
| + | || The '''password '''has now changed. | ||
| + | |- | ||
| + | || Slide 5B | ||
| + | || As a '''system admin''', you may need to change the '''password''' for the '''root account''' itself. | ||
| + | |||
| + | To do so, you should type '''passwd '''and press '''Enter.''' | ||
| + | |||
| + | When prompted, you should type your new '''password''' and press '''Enter.''' | ||
| + | |- | ||
| + | || Slide 5C | ||
| + | || It will prompt you to type the '''password''' once again. | ||
| + | |||
| + | So retype the same '''password '''and press '''Enter'''. | ||
| + | |||
| + | You will get a message that the '''password '''has been updated successfully. | ||
| + | |- | ||
| + | || Slide 6 | ||
| + | || '''Password status '''information related to a '''user account''' can be displayed, as well. | ||
| + | |||
| + | This is done by using''' hyphen capital S''' with the '''passwd command.''' | ||
| + | |- | ||
| + | || Switch to the '''terminal.''' | ||
| + | || Switch to the '''terminal.''' | ||
| + | |- | ||
| + | || Type: | ||
| + | |||
| + | passwd -S amit [Enter] | ||
| + | || Type '''passwd space hyphen '''capital '''S space amit''' | ||
| + | |- | ||
| + | || Show the output | ||
| + | || The output shows seven space separated '''fields'''. | ||
| + | |||
| + | Let us understand them one by one. | ||
| + | |- | ||
| + | || Slide 6a: | ||
| + | || Suppose, your output shows this. | ||
| + | |||
| + | The first '''field''' is the '''username'''. | ||
| + | |||
| + | The second '''field''' indicates whether the '''user account''': | ||
| + | |||
| + | * has a '''locked password (L), ''' | ||
| + | * has no '''password (NP), ''' | ||
| + | * or has a usable '''password (P)'''. | ||
| + | |||
| + | |- | ||
| + | || Slide 7: | ||
| + | || The third '''field '''gives the date of the last''' password change'''. | ||
| + | |||
| + | Fourth to seventh '''fields''' indicate '''password''' expiry information. | ||
| + | |- | ||
| + | || Slide 8: | ||
| + | || The '''fields''' are '''minimum age, maximum age, warning period, '''and''' inactivity period''' for the '''password'''. | ||
| + | |||
| + | These '''ages''' are expressed in days. | ||
| + | |||
| + | We will discuss these in a couple of minutes. | ||
| + | |- | ||
| + | || Show the output of previous command | ||
| + | || Notice '''user amit''' now has a '''usable password'''. | ||
| + | |||
| + | We have changed our '''password''' just now. | ||
| + | |||
| + | So, the third '''field''' is showing today’s date 16th Jan 2019. | ||
| + | |||
| + | It may be different in your case. | ||
| + | |- | ||
| + | || | ||
| + | |||
| + | Type passwd -aS | ||
| + | |||
| + | [Enter] | ||
| + | || As a '''system admin''', you may need to check the '''password status '''of all the '''user accounts'''. | ||
| + | |||
| + | For this, we will use the option '''small a''' along with '''capital S'''. | ||
| + | |||
| + | Type '''passwd space hyphen small a capital S''' | ||
| + | |- | ||
| + | || Show the output | ||
| + | || Notice, the '''password status '''of the '''user accounts '''are shown here. | ||
| + | |- | ||
| + | || Type: | ||
| + | passwd -l amit [Enter] | ||
| + | || Now, as a '''system admin '''you may need to lock a '''user’s password '''for some reason. | ||
| + | |||
| + | To lock the '''password''' for '''user amit,''' | ||
| + | |||
| + | type '''passwd space hyphen l space amit''' | ||
| + | |- | ||
| + | || Press up key twice to get back password -S command | ||
| + | |||
| + | [Enter] | ||
| + | || Press the '''up arrow key''' thrice to get back the command for showing '''password status '''of user''' amit.''' | ||
| + | |||
| + | |- | ||
| + | || Show the output and highlight L | ||
| + | || Notice, the '''status '''is now '''L'''. | ||
| + | |||
| + | This means the '''password '''is locked now. | ||
| + | |- | ||
| + | || Type cat /etc/shadow [Enter] | ||
| + | || We also know about '''/etc/shadow file'''. | ||
| + | |||
| + | It stores the '''encrypted''' values of all '''users’ passwords.''' | ||
| + | |||
| + | Type '''cat space /etc/shadow''' | ||
| + | |||
| + | Notice, you have an '''exclamation mark''' added before the '''encrypted password''' for the '''user amit.''' | ||
| + | |||
| + | Now, this '''password field''' cannot be matched by any possible '''encrypted''' value. | ||
| + | |- | ||
| + | || Slide 9 | ||
| + | || | ||
| + | * Note that, this will not disable the '''user account.''' | ||
| + | * It will simply lock the '''password'''. | ||
| + | * So now the '''user''' cannot use this '''password''' to '''login''' to the '''system.''' | ||
| + | * The '''user '''cannot change the '''password'''. | ||
| + | |||
| + | |- | ||
| + | || Slide 10 | ||
| + | || | ||
| + | * But, the '''user '''can''' '''still '''login '''to the '''user account '''by any other mechanism. | ||
| + | * It is possible to do so by other ways, which do not refer to the '''passwd file'''. | ||
| + | * For example: '''ssh key authentication'''. | ||
| + | |||
| + | '''Login '''through '''ssh key authentication''' will be covered in subsequent tutorials. | ||
| + | |- | ||
| + | || | ||
| + | passwd -u amit [Enter] | ||
| + | || Now, to unlock the '''password''', type: | ||
| + | |||
| + | '''passwd space hyphen u space amit''' | ||
| + | |||
| + | This will restore the '''password''' to its original value. | ||
| + | |- | ||
| + | || Press up key until you get back password -S command | ||
| + | |||
| + | [Enter] | ||
| + | || Recall the '''command '''for showing the '''password status '''for the user '''amit''' | ||
| + | |||
| + | |- | ||
| + | || Show the output and highlight P | ||
| + | || Notice, the '''Status '''is now '''P'''. | ||
| + | |||
| + | Which means that the '''password '''is usable now. | ||
| + | |- | ||
| + | || Press Up key | ||
| + | || Recall the '''command '''to display '''/etc/shadow file.''' | ||
| + | |||
| + | Notice that the''' exclamation mark''' is removed now for the '''user amit'''. | ||
| + | |||
| + | It means the '''password '''is not locked anymore. | ||
| + | |- | ||
| + | || | ||
| + | passwd -d amit [Enter] | ||
| + | || As system admin, you can delete a '''user’s password '''also. | ||
| + | |||
| + | To delete the '''password '''for '''user amit''', type | ||
| + | |||
| + | '''passwd space -d space amit''' | ||
| + | |- | ||
| + | || | ||
| + | || So, the '''password '''for the '''user amit '''has been removed. | ||
| + | |||
| + | It is a quick way to disable a '''user’s password.''' | ||
| + | |- | ||
| + | || Press up key until you get back password -S command | ||
| + | |||
| + | [Enter] | ||
| + | || Recall the '''command '''for showing the '''password status '''for the user '''amit''' | ||
| + | |- | ||
| + | || Show the output and highlight NP | ||
| + | || Notice that the '''password status '''is now '''NP'''. | ||
| + | |||
| + | So, '''password '''is not set for '''user amit.''' | ||
| + | |- | ||
| + | || Slide 11 | ||
| + | || Next, let’s look at '''password '''expiry information. | ||
| + | |||
| + | |||
| + | * To display the '''user’s password '''expiry information, we had used '''passwd hyphen capital S '''option | ||
| + | * We can also use''' chage command '''with the option '''small L''' | ||
| + | * This gives the output in a more user-friendly format. | ||
| + | |||
| + | |- | ||
| + | || | ||
| + | chage -l amit [Enter] | ||
| + | || To view the information about''' user amit, '''switch to the '''terminal''' and type: | ||
| + | |||
| + | '''chage space hyphen l space amit''' | ||
| + | |- | ||
| + | || Highlight output | ||
| + | || Notice that we have a lot of information in the output. | ||
| + | |||
| + | Let us look at them one by one. | ||
| + | |- | ||
| + | || Highlight | ||
| + | |||
| + | Minimum number of days between password change : 0 | ||
| + | || See, it is showing the minimum number of days between '''password change''' as 0 | ||
| + | |||
| + | A value of 0 indicates that the '''user''' is allowed to change his or her '''password '''anytime. | ||
| + | |- | ||
| + | || | ||
| + | || The system admin can set minimum number of days between '''password changes '''using '''passwd '''with '''-n''' option. | ||
| + | |- | ||
| + | || passwd -n 30 amit | ||
| + | |||
| + | [Enter] | ||
| + | || Let us set this, so that the '''user amit '''can change his '''password '''only after 30 days from the previous one. | ||
| + | |||
| + | To do that, type | ||
| + | |||
| + | '''passwd space -n space 30 space amit''' | ||
| + | |- | ||
| + | || Press Up key twice to get chage command | ||
| + | |||
| + | chage -l amit [Enter] | ||
| + | || Recall the '''chage command '''for the user '''amit'''. | ||
| + | |||
| + | |- | ||
| + | || Highlight | ||
| + | |||
| + | Minimum number of days between password change : 30 | ||
| + | || So now, '''amit''' is allowed to change his '''password''' only after 30 days. | ||
| + | |||
| + | |- | ||
| + | || Highlight | ||
| + | |||
| + | Maximum number of days between password change : 99999 | ||
| + | || Notice, maximum number of days between '''password change''' is shown as 99999 days. | ||
| + | |||
| + | It is a very long time. | ||
| + | |||
| + | It practically means that the '''password''' will never expire. | ||
| + | |- | ||
| + | || Type at the terminal | ||
| + | |||
| + | passwd -x 180 amit | ||
| + | |||
| + | [Enter] | ||
| + | || To customize the maximum number of days for which the '''user password''' remains valid, use '''-x option''' | ||
| + | |||
| + | So let us change the setting such that '''user amit'''’s '''password '''is set to a maximum of 180 days. | ||
| + | |||
| + | Type: '''passwd space hyphen x space 180 space amit''' | ||
| + | |- | ||
| + | || Press Up key | ||
| + | |||
| + | [Enter] | ||
| + | || Recall the '''chage command '''for the user '''amit'''. | ||
| + | |- | ||
| + | || Highlight | ||
| + | |||
| + | Maximum number of days between password change : 180 | ||
| + | || This message indicates that '''amit’s password '''will be valid for 180 days only. | ||
| + | |||
| + | After 180 days, '''user amit '''will have to change his '''password'''. | ||
| + | |- | ||
| + | || Highlight | ||
| + | |||
| + | Number of days of warning before password expires : 7 | ||
| + | || Notice, for now, the '''user '''will get a warning message 7 days before the '''password '''expires. | ||
| + | |||
| + | You can also set specific number of days for the warning message before the '''password''' expires. | ||
| + | |||
| + | Let me set it as 10 days. | ||
| + | |- | ||
| + | || Type | ||
| + | |||
| + | passwd -w 10 amit [Enter] | ||
| + | || Type '''passwd space hyphen w space 10 space amit ''' | ||
| + | |||
| + | |- | ||
| + | || Press Up key | ||
| + | |||
| + | [Enter] | ||
| + | || Let’s recall the '''chage command '''for the user '''amit'''. | ||
| + | |||
| + | |- | ||
| + | || Highlight | ||
| + | |||
| + | Number of days of warning before password expires : 10 | ||
| + | || So, this will give warning message to the '''user '''10 days before '''password '''expiry. | ||
| + | |||
| + | The message will state that his or her '''password '''is going to expire. | ||
| + | |- | ||
| + | || Slide 12B | ||
| + | || | ||
| + | * How can we force the '''user''' to change their '''password '''during their next '''login'''? | ||
| + | * For that we have to use '''passwd command '''with '''-e option.''' | ||
| + | |||
| + | |- | ||
| + | || Type | ||
| + | |||
| + | passwd -e amit [Enter] | ||
| + | || Type '''passwd space -e space amit''' | ||
| + | |||
| + | It will expire the '''user’s password '''immediately. | ||
| + | |||
| + | So, the '''user '''will be forced to change their '''password '''at their next '''login '''attempt. | ||
| + | |- | ||
| + | || Show the output | ||
| + | || Notice, it says '''password '''expiry information has changed. | ||
| + | |- | ||
| + | || Press Up key | ||
| + | |||
| + | [Enter] | ||
| + | || Recall the '''chage command '''for the user '''amit'''. | ||
| + | |- | ||
| + | || Highlight | ||
| + | |||
| + | Password Expires: Password must be changed | ||
| + | || So, '''password''' must be changed. | ||
| + | |- | ||
| + | || Slide 13 | ||
| + | || | ||
| + | * Now suppose the '''user’s password '''has already expired. | ||
| + | * After '''password '''expiry, you can give the '''user '''a''' grace period'''. | ||
| + | * The '''user '''will be able to change the '''login password '''within that '''grace period'''. | ||
| + | |||
| + | |- | ||
| + | || Slide 14 | ||
| + | || | ||
| + | * Otherwise, the '''user account '''will be disabled permanently. | ||
| + | * That '''grace period '''is called '''period of inactivity'''. | ||
| + | * You can set this '''inactivity period '''with the help of '''hyphen i option'''. | ||
| + | |||
| + | |- | ||
| + | || Type: | ||
| + | |||
| + | passwd -i 20 amit | ||
| + | |||
| + | [Enter] | ||
| + | || Let us set the '''grace period '''as 20 days for '''user amit.''' | ||
| + | |||
| + | Type '''passwd space hyphen i space 20 space amit''' | ||
| + | |- | ||
| + | || Show the output | ||
| + | || Notice, the '''user password '''information has now changed. | ||
| + | |- | ||
| + | || Retain same screen | ||
| + | || Till now, we have executed '''passwd command '''with only one option at a time. | ||
| + | |||
| + | Please note, you can also combine multiple '''options '''in a single '''command'''. | ||
| + | |- | ||
| + | || Show | ||
| + | |||
| + | passwd -n 10 -x 30 amit [Enter] | ||
| + | || For example: | ||
| + | |||
| + | This '''command '''sets the minimum and maximum days between '''password change '''as 10 and 20 respectively. | ||
| + | |- | ||
| + | || Type | ||
| + | exit and press '''Enter''' | ||
| + | || To exit from the '''root user access''', | ||
| + | |||
| + | Type '''exit''' | ||
| + | |- | ||
| + | || Retain same screen | ||
| + | || This brings us to the end of this tutorial. | ||
| + | |||
| + | Let us summarize. | ||
| + | |- | ||
| + | || Slide 15 | ||
| + | |||
| + | Summary | ||
| + | || In this tutorial we learnt about- | ||
| + | |||
| + | * Changing''' password''' | ||
| + | * Locking and unlocking '''password''' | ||
| + | * '''Password '''removal | ||
| + | * Changing''' password '''expiry information | ||
| + | |||
| + | |- | ||
| + | || Slide 16 Assignment | ||
| + | || As an assignment- | ||
| + | |||
| + | Change '''password''' expiry information of the '''user amit '''as follows | ||
| + | |||
| + | * Minimum number of days between '''password''' change: 20 days | ||
| + | * Maximum number of days between '''password''' change: 100 days | ||
| + | * '''Period of inactivity''': 5 days | ||
| + | |||
| + | |- | ||
| + | || Slide 17 Assignment(Cont.) | ||
| + | || | ||
| + | * Use a single '''command''' to execute all of the above | ||
| + | * Check the '''password '''expiry information by using '''chage command''' | ||
| + | * Check '''password status '''by using the '''passwd command '''with the required '''option''' | ||
| + | |||
| + | |- | ||
| + | || Slide 19: About Spoken Tutorial project | ||
| + | || The video at the following link summarises the Spoken Tutorial project. | ||
| + | |||
| + | Please download and watch it. | ||
| + | |- | ||
| + | || Slide 20: Spoken Tutorial workshops | ||
| + | || The '''Spoken Tutorial Project''' team conducts workshops and gives certificates. | ||
| + | |||
| + | For more details, please write to us. | ||
| + | |- | ||
| + | || Slide 21: Forum for specific questions: | ||
| + | || Please post your timed queries in this forum. | ||
| + | |- | ||
| + | || Slide 22: Acknowledgement | ||
| + | || Spoken Tutorial Project is funded by NMEICT, MHRD, Government of India. | ||
| + | |||
| + | More information on this mission is available at this link. | ||
| + | |- | ||
| + | || Slide 23: Thank You | ||
| + | || The script has been contributed by Antara and this is Praveen from IIT Bombay signing off. | ||
| + | |||
| + | Thank you for joining. | ||
| + | |- | ||
| + | |} | ||
Latest revision as of 19:31, 13 February 2019
Title of script: User Password management
Author: Antara Roy Choudhury
Keywords: passwd, change, Changing user password, Locking and unlocking password, Password removal, Password expiry
| Visual Cue | Narration |
| Slide 1: Introduction | Hello and welcome to the spoken tutorial on User Password Management in Linux. |
| Slide 2: Learning Objectives | In this tutorial we will learn about
We will do this through some examples. |
| Slide 3: System requirement | To record this tutorial, I am using Ubuntu Linux 16.04 OS |
| Slide:4 Prerequisite | To practice this tutorial,
|
| Slide 5A | In this tutorial we will learn about passwd command.
Let’s learn how to do this. |
| Press Ctrl+Alt+T | Open the Terminal by pressing Ctrl, Alt and T keys simultaneously on the keyboard. |
| Type
sudo su [Enter] |
First, we should login as the superuser or root user.
To do so type: sudo space su And press Enter. |
| Type
Password of your account [Enter] |
Type our password and then press Enter. |
| Highlight # prompt | Notice, our login prompt has changed to a hash symbol.
This indicates that we are in the root user mode. |
| Only narration | Here onwards, please remember to press the Enter key after typing each command. |
| Type:
passwd amit [Enter] |
On the terminal type passwd space amit |
| Type new_pass
[Enter] Re-type new_pass [Enter] |
It will ask you to type a new password.
Type the new password, say new_pass and press Enter. Retype the same password and press Enter again. |
| The password has now changed. | |
| Slide 5B | As a system admin, you may need to change the password for the root account itself.
To do so, you should type passwd and press Enter. When prompted, you should type your new password and press Enter. |
| Slide 5C | It will prompt you to type the password once again.
So retype the same password and press Enter. You will get a message that the password has been updated successfully. |
| Slide 6 | Password status information related to a user account can be displayed, as well.
This is done by using hyphen capital S with the passwd command. |
| Switch to the terminal. | Switch to the terminal. |
| Type:
passwd -S amit [Enter] |
Type passwd space hyphen capital S space amit |
| Show the output | The output shows seven space separated fields.
Let us understand them one by one. |
| Slide 6a: | Suppose, your output shows this.
The first field is the username. The second field indicates whether the user account:
|
| Slide 7: | The third field gives the date of the last password change.
Fourth to seventh fields indicate password expiry information. |
| Slide 8: | The fields are minimum age, maximum age, warning period, and inactivity period for the password.
These ages are expressed in days. We will discuss these in a couple of minutes. |
| Show the output of previous command | Notice user amit now has a usable password.
We have changed our password just now. So, the third field is showing today’s date 16th Jan 2019. It may be different in your case. |
|
Type passwd -aS [Enter] |
As a system admin, you may need to check the password status of all the user accounts.
For this, we will use the option small a along with capital S. Type passwd space hyphen small a capital S |
| Show the output | Notice, the password status of the user accounts are shown here. |
| Type:
passwd -l amit [Enter] |
Now, as a system admin you may need to lock a user’s password for some reason.
To lock the password for user amit, type passwd space hyphen l space amit |
| Press up key twice to get back password -S command
[Enter] |
Press the up arrow key thrice to get back the command for showing password status of user amit. |
| Show the output and highlight L | Notice, the status is now L.
This means the password is locked now. |
| Type cat /etc/shadow [Enter] | We also know about /etc/shadow file.
It stores the encrypted values of all users’ passwords. Type cat space /etc/shadow Notice, you have an exclamation mark added before the encrypted password for the user amit. Now, this password field cannot be matched by any possible encrypted value. |
| Slide 9 |
|
| Slide 10 |
Login through ssh key authentication will be covered in subsequent tutorials. |
|
passwd -u amit [Enter] |
Now, to unlock the password, type:
passwd space hyphen u space amit This will restore the password to its original value. |
| Press up key until you get back password -S command
[Enter] |
Recall the command for showing the password status for the user amit |
| Show the output and highlight P | Notice, the Status is now P.
Which means that the password is usable now. |
| Press Up key | Recall the command to display /etc/shadow file.
Notice that the exclamation mark is removed now for the user amit. It means the password is not locked anymore. |
|
passwd -d amit [Enter] |
As system admin, you can delete a user’s password also.
To delete the password for user amit, type passwd space -d space amit |
| So, the password for the user amit has been removed.
It is a quick way to disable a user’s password. | |
| Press up key until you get back password -S command
[Enter] |
Recall the command for showing the password status for the user amit |
| Show the output and highlight NP | Notice that the password status is now NP.
So, password is not set for user amit. |
| Slide 11 | Next, let’s look at password expiry information.
|
|
chage -l amit [Enter] |
To view the information about user amit, switch to the terminal and type:
chage space hyphen l space amit |
| Highlight output | Notice that we have a lot of information in the output.
Let us look at them one by one. |
| Highlight
Minimum number of days between password change : 0 |
See, it is showing the minimum number of days between password change as 0
A value of 0 indicates that the user is allowed to change his or her password anytime. |
| The system admin can set minimum number of days between password changes using passwd with -n option. | |
| passwd -n 30 amit
[Enter] |
Let us set this, so that the user amit can change his password only after 30 days from the previous one.
To do that, type passwd space -n space 30 space amit |
| Press Up key twice to get chage command
chage -l amit [Enter] |
Recall the chage command for the user amit. |
| Highlight
Minimum number of days between password change : 30 |
So now, amit is allowed to change his password only after 30 days. |
| Highlight
Maximum number of days between password change : 99999 |
Notice, maximum number of days between password change is shown as 99999 days.
It is a very long time. It practically means that the password will never expire. |
| Type at the terminal
passwd -x 180 amit [Enter] |
To customize the maximum number of days for which the user password remains valid, use -x option
So let us change the setting such that user amit’s password is set to a maximum of 180 days. Type: passwd space hyphen x space 180 space amit |
| Press Up key
[Enter] |
Recall the chage command for the user amit. |
| Highlight
Maximum number of days between password change : 180 |
This message indicates that amit’s password will be valid for 180 days only.
After 180 days, user amit will have to change his password. |
| Highlight
Number of days of warning before password expires : 7 |
Notice, for now, the user will get a warning message 7 days before the password expires.
You can also set specific number of days for the warning message before the password expires. Let me set it as 10 days. |
| Type
passwd -w 10 amit [Enter] |
Type passwd space hyphen w space 10 space amit |
| Press Up key
[Enter] |
Let’s recall the chage command for the user amit. |
| Highlight
Number of days of warning before password expires : 10 |
So, this will give warning message to the user 10 days before password expiry.
The message will state that his or her password is going to expire. |
| Slide 12B |
|
| Type
passwd -e amit [Enter] |
Type passwd space -e space amit
It will expire the user’s password immediately. So, the user will be forced to change their password at their next login attempt. |
| Show the output | Notice, it says password expiry information has changed. |
| Press Up key
[Enter] |
Recall the chage command for the user amit. |
| Highlight
Password Expires: Password must be changed |
So, password must be changed. |
| Slide 13 |
|
| Slide 14 |
|
| Type:
passwd -i 20 amit [Enter] |
Let us set the grace period as 20 days for user amit.
Type passwd space hyphen i space 20 space amit |
| Show the output | Notice, the user password information has now changed. |
| Retain same screen | Till now, we have executed passwd command with only one option at a time.
Please note, you can also combine multiple options in a single command. |
| Show
passwd -n 10 -x 30 amit [Enter] |
For example:
This command sets the minimum and maximum days between password change as 10 and 20 respectively. |
| Type
exit and press Enter |
To exit from the root user access,
Type exit |
| Retain same screen | This brings us to the end of this tutorial.
Let us summarize. |
| Slide 15
Summary |
In this tutorial we learnt about-
|
| Slide 16 Assignment | As an assignment-
Change password expiry information of the user amit as follows
|
| Slide 17 Assignment(Cont.) |
|
| Slide 19: About Spoken Tutorial project | The video at the following link summarises the Spoken Tutorial project.
Please download and watch it. |
| Slide 20: Spoken Tutorial workshops | The Spoken Tutorial Project team conducts workshops and gives certificates.
For more details, please write to us. |
| Slide 21: Forum for specific questions: | Please post your timed queries in this forum. |
| Slide 22: Acknowledgement | Spoken Tutorial Project is funded by NMEICT, MHRD, Government of India.
More information on this mission is available at this link. |
| Slide 23: Thank You | The script has been contributed by Antara and this is Praveen from IIT Bombay signing off.
Thank you for joining. |
