Change a group password using the GPASSWD command in Linux

Home > Search > Linux commands
  by

Secure group with an encrypted password

The gpasswd command without any options will start an interactive prompt to add or change a groups password. Adding or changing a group password using the groupadd or groupmod commands will create an unencrypted, cleartext password. Adding or changing a group password using the gpasswd command will create an encrypted password.

For example, to add or change the password for group1.

[root@server1 ~]# gpasswd group1
Changing the password for group group1
New Password: 
Re-enter new password: 

 

The /etc/gshadow file will display the new, encrypted password.

[root@server1 ~]# cat /etc/gshadow
group1:$6$ubMs6/4RaKZ/r1$nx5pSdEbcKMAylN0q/txGd3J1nkRqQw.VO82SWTtfpZX5OvQWCsShZgNryl7WQ5YCCVLhEulsrDK2tLI6kDdP1::

 


Remove group password

The -r or --remove-password option can be used to remove a groups password. For example, to update group1 to not have a password.

[root@server1 ~]# gpasswd -r group1

 

The second file of the /etc/gshadow file will no longer contain a password.

[root@server1 ~]# cat /etc/gshadow
group1:::

 


Restrict access to a group

The -R or --restrict option can be used to restrict access to a group. It is important to recognize that this will remove the group password.

[root@server1 ~]# gpasswd -R group1

 

Once a group has been restircted, the second file of the /etc/gshadow file will contain an exclamation point.

[root@server1 ~]# cat /etc/gshadow
group1:!::

 


Add members to a group

The -a or --add option can be used to add members to a group. For example, to add john.doe to group1.

[root@server1 ~]# gpasswd -a john.doe group1

 

john.doe is now a member of group1.

[root@server1 ~]# cat /etc/group
group1:x:1001:john.doe

 

Once the group has been restricted, only users that have a password will be permitted access to join the group when using the newgrp command.

 


Remove members from a group

The -d or --delete option can be used to remove members from a group. For example, to remove john.doe from group1.

[root@server1 ~]# gpasswd -d john.doe group1

 

john.doe is no longer a member of group1.

[root@server1 ~]# cat /etc/group
group1:x:1001:

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter in the box below so that we can be sure you are a human.




Comments