[译]使用chage来管理Linux密码过期时间的七个例子

  本文译自 7 Examples to Manage Linux Password Expiration and Aging Using chage

  本文主要介绍命令chage的使用,译文会对原文内容会有一定的简化。

  debian系统可以通过如下命令安装chage: (chage is for change age)

apt-get install chage

  CentOS7 应该是自带这个命令了。

列出用户密码相关信息

Syntax: chage –-list username (or) chage -l username

$ chage --list dhinesh
Last password change                                    : Apr 01, 2009
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7

  注:普通用户对其它用户执行这条命令,但root用户可以

修改下密码

$ date
Thu Apr 23 00:15:20 PDT 2009

$ passwd dhinesh
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

$ chage --list dhinesh
Last password change                                    : Apr 23, 2009
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7

  可以看出上次密码修改的时间已经发生了变化。

通过选项-M 设置账户密码的到期时间

Syntax: # chage -M number-of-days username

# chage -M 10 dhinesh

# chage --list dhinesh
Last password change                                    : Apr 23, 2009
Password expires                                        : May 03, 2009
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 10
Number of days of warning before password expires       : 7

  密码到期时间变成了十天后。

密码过期消息提醒

  如上,密码过期之前7天会提示密码过期,假如dhinesh 试图在Apr 30, 2009登录,那么将会出现如下提醒消息:

$ ssh dhinesh@testingserver
dhinesh@testingserver's password:
Warning: your password will expire in 3 days

密码过期时,强制用户修改密码

$ ssh dhinesh@testingserver
dhinesh@testingserver's password:

You are required to change your password immediately (password aged)
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for dhinesh
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:

设置账户过期时间

  可以使用-E选项设置账户的过期时间,时间格式为“YYYY-MM-DD”。

# chage -E "2009-05-31" dhinesh

# chage -l dhinesh
Last password change                                    : Apr 23, 2009
Password expires                                        : May 03, 2009
Password inactive                                       : never
Account expires                                         : May 31, 2009
Minimum number of days between password change          : 0
Maximum number of days between password change          : 10
Number of days of warning before password expires       : 7

设置用户不活跃锁定

  当用户密码过期后,可以设置用户多少天不活跃即锁定账户,如10天。

# chage -I 10 dhinesh

# chage -l dhinesh
Last password change                                    : Apr 23, 2009
Password expires                                        : May 03, 2009
Password inactive                                       : May 13, 2009
Account expires                                         : May 31, 2009
Minimum number of days between password change          : 0
Maximum number of days between password change          : 10
Number of days of warning before password expires       : 7

设置用户账户不过期

  取消用户账户过期设置。

-m 0 will set the minimum number of days between password change to 0
-M 99999 will set the maximum number of days between password change to 99999
-I -1 (number minus one) will set the “Password inactive” to never
-E -1 (number minus one) will set “Account expires” to never.
# chage -m 0 -M 99999 -I -1 -E -1 dhinesh

# chage --list dhinesh
Last password change                                    : Apr 23, 2009
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7

以上!

posted @ 2018-09-15 13:16 starnight_cyber 阅读(...) 评论(...) 编辑 收藏