chage – Changing password aging parameters
Security is important and being able to change parameters on user accounts to force users to change their passwords is important to our customers.
Below are the options for setting user parameters to control password aging:
Options:
-d, –lastday LAST_DAY – set date of last password change to LAST_DAY
-E, –expiredate EXPIRE_DATE – set account expiration date to EXPIRE_DATE
-h, –help display this help message and exit
-I, –inactive INACTIVE – set password inactive after expiration to INACTIVE
-l, –list – show account aging information
-m, –mindays MIN_DAYS – set minimum number of days before password change to MIN_DAYS
-M, –maxdays MAX_DAYS – set maximim number of days before password change to MAX_DAYS
-W, –warndays WARN_DAYS – set expiration warning days to WARN_DAYS
Checking parameters of a user can be done by using grep and “l” to list.
[jim.french@humcemr3 ~]$ chage -l jim.french | grep days
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
To check on expiration you can use the “l” and grep on the user with “Password” – notice the capital “P”
[jim.french@humcemr3 ~]$ chage -l jim.french | grep Password
Password expires : never
Password inactive : never
[jim.french@humcemr3 ~]$
In the following example you can make user Jim’s password expire in 30 days then go inactive 5 days later:
$ chage –M 30 –I 5 Jim
$
To check on what you just did (dates are fake) –
$ chage –l Jim | grep Password
Password expires : Mar 04, 2014
Password inactive : Mar 09, 2014
As you can see, Jim’s account will be locked 5 days after his password expires.
1903 Wright Place, Suite 120
Carlsbad, CA 92008
Toll-Free (877) 633-7743
Email customercare@medsphere.com