Linux Chage Command to Set Password Aging for User

The command name ‘chage’ is an acronym for ‘change age’. This command is used to change the user's password's aging/expiry information. Any user can execute this command with the ‘-l’ option to view their password and aging information. No other unauthorized users can view the password's aging/expiry information. As the root user, you can execute this command to modify the aging information.

Syntax

 

chage [-m mindays] [-M maxdays] [-d lastday] [-I inactive] [-E expiredate] [-W warndays] user

We can go through some examples to get a better understanding of this command.

1) List the password aging information of a user

chage –l testuser
Output:
Last password change : May 01, 2012
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

As you can see, password expiration is disabled for this user.

2) Disable password aging for a user

chage -I -1 -m 0 -M 99999 -E -1 testuser

• -I -1 : This will set the “Password inactive” to never

• -m 0 : This will set the minimum number of days between password change to 0

• -M 99999 : This will set the maximum number of days between password change to 99999

• -E -1 : This will set “Account expires” to never.

This will disable the password expiry of a user if it is already enabled.

3) Enable password expiry date of a user

In most cases, as an administrator, you need to set a password expiry date for all users for the purpose of better security. Once you enable password expiry date for a user, the user will be forced to change their password at the time of the next login after the expiry date.

chage -M 20 testuser
Output
Last password change : May 01, 2012
Password expires : May 21, 2012
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 20
Number of days of warning before password expires : 7

4) Set the Account expiry date in the format ‘YYYY-MM-DD’

chage –E “2012-05-28”

Output
Last password change : May 01, 2012
Password expires : May 21, 2012
Password inactive : never
Account expires : May 28, 2012
Minimum number of days between password change : 0
Maximum number of days between password change : 20
Number of days of warning before password expires : 7

5) Set the password expiry warning message

By default, this value is set to 7. So, when a user logs in prior to 7 days of expiry, they will start getting warning about the looming password expiry. If you want to change it to 10 days, you can do it as follows:

chage –W 10 testuser

6) Forcing the users to change the password on next logon

When you create a new user account, you can set it to force the user to change the password when they login for the first time as follows:

chage –d 0 testuser

This will reset “Last Password Change” to “Password must be changed”.

Hope this helps and let us know your thoughts on the above 6 chage command examples.

 
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
Linux – Securing your important files with XFS extendend attributes
Viewed 7487 times since Wed, Jul 25, 2018
LVM: Extend an existing Volume Group by adding a new disk
Viewed 2009 times since Sat, Jun 2, 2018
CentOS / RHEL : How to move a Volume Group from one system to another
Viewed 3415 times since Mon, Jan 28, 2019
Linux 20 Netstat Commands for Linux Network Management
Viewed 9568 times since Mon, Sep 21, 2020
Build a simple RPM that packages a single file
Viewed 8385 times since Sat, Jun 2, 2018
YUM How to use yum command on CentOS/RHEL
Viewed 7047 times since Thu, Oct 25, 2018
Red Hat Enterprise Linux - Allow Root Login From a Specific IP Address Only
Viewed 2724 times since Wed, Oct 3, 2018
Setup SSL Tunnel Using Stunnel on Ubuntu
Viewed 2467 times since Fri, Sep 28, 2018
O’Reilly’s CD bookshelf
Viewed 12460 times since Wed, Jun 27, 2018
Top 25 Best Linux Performance Monitoring and Debugging Tools
Viewed 6901 times since Sun, Sep 30, 2018