Linux Chage Command to Set Password Aging for User

The command name ‘chage’ is an acronym for ‘change age’. This command is used to change the user's password's aging/expiry information. Any user can execute this command with the ‘-l’ option to view their password and aging information. No other unauthorized users can view the password's aging/expiry information. As the root user, you can execute this command to modify the aging information.

Syntax

 

chage [-m mindays] [-M maxdays] [-d lastday] [-I inactive] [-E expiredate] [-W warndays] user

We can go through some examples to get a better understanding of this command.

1) List the password aging information of a user

chage –l testuser
Output:
Last password change : May 01, 2012
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

As you can see, password expiration is disabled for this user.

2) Disable password aging for a user

chage -I -1 -m 0 -M 99999 -E -1 testuser

• -I -1 : This will set the “Password inactive” to never

• -m 0 : This will set the minimum number of days between password change to 0

• -M 99999 : This will set the maximum number of days between password change to 99999

• -E -1 : This will set “Account expires” to never.

This will disable the password expiry of a user if it is already enabled.

3) Enable password expiry date of a user

In most cases, as an administrator, you need to set a password expiry date for all users for the purpose of better security. Once you enable password expiry date for a user, the user will be forced to change their password at the time of the next login after the expiry date.

chage -M 20 testuser
Output
Last password change : May 01, 2012
Password expires : May 21, 2012
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 20
Number of days of warning before password expires : 7

4) Set the Account expiry date in the format ‘YYYY-MM-DD’

chage –E “2012-05-28”

Output
Last password change : May 01, 2012
Password expires : May 21, 2012
Password inactive : never
Account expires : May 28, 2012
Minimum number of days between password change : 0
Maximum number of days between password change : 20
Number of days of warning before password expires : 7

5) Set the password expiry warning message

By default, this value is set to 7. So, when a user logs in prior to 7 days of expiry, they will start getting warning about the looming password expiry. If you want to change it to 10 days, you can do it as follows:

chage –W 10 testuser

6) Forcing the users to change the password on next logon

When you create a new user account, you can set it to force the user to change the password when they login for the first time as follows:

chage –d 0 testuser

This will reset “Last Password Change” to “Password must be changed”.

Hope this helps and let us know your thoughts on the above 6 chage command examples.

 
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
LVM: Rename root VG/LV
Viewed 962 times since Sat, Jun 2, 2018
Enabling or disabling a repository using Red Hat Subscription Management
Viewed 856 times since Mon, Oct 29, 2018
How To Run Multiple SSH Command On Remote Machine And Exit Safely
Viewed 494 times since Tue, Aug 6, 2019
Linux An introduction to swap space on Linux systems
Viewed 317 times since Thu, Jan 23, 2020
Easily Monitor CPU Utilization in Linux Terminal With Stress Terminal UI
Viewed 599 times since Thu, Apr 18, 2019
RHEL: ACLs basics
Viewed 1364 times since Sun, May 27, 2018
Linux Health Check Commands
Viewed 492 times since Fri, Jun 8, 2018
Linux Kernel /etc/sysctl.conf Security Hardening
Viewed 1754 times since Fri, Aug 3, 2018
RHEL: Allowing users to ’su’ to "root" / Allowing ’root’ to login directly to the system using ’ssh’
Viewed 898 times since Sat, Jun 2, 2018
Jak ustawić LVM, jak robić snapshoty oraz automatycznie powiększać LV, czyli małe howto
Viewed 1297 times since Sun, May 20, 2018