Linux Chage Command to Set Password Aging for User

The command name ‘chage’ is an acronym for ‘change age’. This command is used to change the user's password's aging/expiry information. Any user can execute this command with the ‘-l’ option to view their password and aging information. No other unauthorized users can view the password's aging/expiry information. As the root user, you can execute this command to modify the aging information.

Syntax

 

chage [-m mindays] [-M maxdays] [-d lastday] [-I inactive] [-E expiredate] [-W warndays] user

We can go through some examples to get a better understanding of this command.

1) List the password aging information of a user

chage –l testuser
Output:
Last password change : May 01, 2012
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

As you can see, password expiration is disabled for this user.

2) Disable password aging for a user

chage -I -1 -m 0 -M 99999 -E -1 testuser

• -I -1 : This will set the “Password inactive” to never

• -m 0 : This will set the minimum number of days between password change to 0

• -M 99999 : This will set the maximum number of days between password change to 99999

• -E -1 : This will set “Account expires” to never.

This will disable the password expiry of a user if it is already enabled.

3) Enable password expiry date of a user

In most cases, as an administrator, you need to set a password expiry date for all users for the purpose of better security. Once you enable password expiry date for a user, the user will be forced to change their password at the time of the next login after the expiry date.

chage -M 20 testuser
Output
Last password change : May 01, 2012
Password expires : May 21, 2012
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 20
Number of days of warning before password expires : 7

4) Set the Account expiry date in the format ‘YYYY-MM-DD’

chage –E “2012-05-28”

Output
Last password change : May 01, 2012
Password expires : May 21, 2012
Password inactive : never
Account expires : May 28, 2012
Minimum number of days between password change : 0
Maximum number of days between password change : 20
Number of days of warning before password expires : 7

5) Set the password expiry warning message

By default, this value is set to 7. So, when a user logs in prior to 7 days of expiry, they will start getting warning about the looming password expiry. If you want to change it to 10 days, you can do it as follows:

chage –W 10 testuser

6) Forcing the users to change the password on next logon

When you create a new user account, you can set it to force the user to change the password when they login for the first time as follows:

chage –d 0 testuser

This will reset “Last Password Change” to “Password must be changed”.

Hope this helps and let us know your thoughts on the above 6 chage command examples.

 
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
VMWare tools free
Viewed 1655 times since Mon, Jul 16, 2018
Tropienie pożeracza dysku
Viewed 831 times since Thu, May 24, 2018
LUKS List available methods of encryption for LUKS
Viewed 504 times since Fri, Jul 13, 2018
How To Create a Linux Swap File
Viewed 623 times since Fri, Jun 8, 2018
List of 10 Must Know Oracle Database Parameters for Database Administrator
Viewed 6060 times since Thu, Jun 21, 2018
What Is /dev/shm And Its Practical Usage
Viewed 584 times since Tue, Mar 12, 2019
How To Set Up an SSL Tunnel Using Stunnel on Ubuntu
Viewed 717 times since Fri, Sep 28, 2018
RHCS6: Debug and test multicast traffic between two hosts
Viewed 645 times since Sun, Jun 3, 2018
Learn how to align an SSD on Linux
Viewed 104 times since Fri, May 15, 2020
socat: Linux / UNIX TCP Port Forwarder
Viewed 859 times since Tue, Aug 6, 2019