Bootstrap FreeKB - Linux Commands - chage (user account aging information expire password)
Linux Commands - chage (user account aging information expire password)
Updated:   |  Linux Commands articles

The chage (change age) command can be used to view and change a user accounts aging information, such as setting how many days can elapse before a user must change their password.

 

View aging information

The chage command with the -l or --list option can be used to view information about a user account age. When creating a new account using the useradd command, Last password change will be the date the new account was created.

~]# chage -l JohnDoe
Last password change                               : Aug 01, 2016
Password expires                                   : never
Password inactive                                  : never
Account expires                                    : never
Minimum number of days between password change     : 0 
Maximum number of days between password change     : 99999
Number of days of warning before password expires  : 7

 

The passwd command can be used to create or update an encrypted password.

The usermod -p command can be used to create or update an unencrypted password.

 

The -M or --maxdays option can be used so that John Doe must change password once every x days (365 in this example).

~]# chage -M 365 JohnDoe
. . .
Maximum number of days between password change     : 365

 

 

Password never expires

Setting max days to 99999 means John Doe never needs to reset his password. Setting this to 99999 will also set "Password expires" to never.

~]# chage -M 99999 JohnDoe
. . .
Password expires                                   : never
Maximum number of days between password change     : 99999

 

The -E or --expiredate option can be used so that John Doe must change password by a certain date (January 01, 2020 in this example). 

~]# chage -E 01-01-2020 JohnDoe
. . .
Password expires                   : Jan 01, 2020

 

Password never expires

Set expiration date to -1 to set this to never. However, if max days is not 99999, max days will take precedence over expiration date, which means the password may still expire, forcing John Doe to have to reset his password again.

~]# chage -E -1 JohnDoe
. . .
Password expires                                   : never

 

The -W or --warndays option can be used to warn John Doe that his password will expire in x days (14 days in this example).

~]# chage -W 14 JohnDoe
. . .
Number of days of warning before password expires  : 14

 

If John Doe does not change his password before it expires, give John Doe an extra x days to change password (7 days in this example). Setting this to -1 sets this to never.

~]# chage -I 7 JohnDoe
. . .
Password inactive              : 7

 

John Doe can only change password once every x hours (24 hours in this example). Setting this to 0 disables this control.

~]# chage -m 1 JohnDoe
. . .
Minimum number of days between password change     : 1

 

 

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Comments


Add a Comment


Please enter d3724b in the box below so that we can be sure you are a human.