Summary of practical skills of passwd command in Linux system

Time:2021-2-1

Let’s review the basic usage of the passwd command
The Linux passwd command is used to change the user’s password
grammar
passwd [-k] [-l] [-u [-f]] [-d] [-S] [username]
Necessary parameters:
-D delete password
-F enforcement
-K updates can only be sent after expiration
-L stop using the account
-S display password information
-U enable stopped accounts
-X sets the expiration date of the password
-G modify group password
-I stop user account after expiration
Select parameters:
–Help displays help information
–Version displays version information
example
Change user password

Copy code

The code is as follows:

#Passwd w3cschool / / set the password of the w3cschool user
Enter new UNIX password: / / enter a new password, which is not echoed
Retype new UNIX password: / / confirm password
passwd: password updated successfully
#

Display account password information

Copy code

The code is as follows:

# passwd -S w3cschool
w3cschool P 05/13/2010 0 99999 7 -1

Delete user password

Copy code

The code is as follows:

# passwd -d lx138
passwd: password expiry information changed.

OK, let’s take a look at the actual application
Example 1: changing the password of a system user

When you log in with a non root user, for example, when I log in with ‘linuxtechi’, run the passwd command, which will reset the password of the current login user.

Copy code

The code is as follows:

[[email protected] ~]$ passwd
Changing password for user linuxtechi.
Changing password for linuxtechi.
(current) UNIX password:
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[[email protected] ~]$

When you log in as root and run the passwd command, it will reset the password of root by default. If you specify a user name after the passwd command, it will reset the password of the user.  

Copy code

The code is as follows:

[[email protected] ~]# passwd
[[email protected] ~]# passwd linuxtechi

2015114101443571.png (571×109)

Note: the password of the system user is stored in the / etc / shadow file in encrypted form.

Example 2: display password status information

To display the status information of the user password, use the – s option after the passwd command.

Copy code

The code is as follows:

[[email protected] ~]# passwd -S linuxtechi
linuxtechi PS 2015-09-20 0 99999 7 -1 (Password set, SHA512 crypt.)
[[email protected] ~]#

In the above output, the first field shows the user name, the second field shows the password status (PS = password setting, LK = password locking, NP = no password), the third field shows the time when the password was last modified, and the last four fields show the minimum and maximum period when the password can be changed, the warning period and the length of time when the password is not used.

Example 3: display password status information of all accounts

In order to display the status information of all user passwords, you need to use the “- as” option. In the passwd command, the example is as follows:

Copy code

The code is as follows:

[email protected]:~# passwd -Sa

2015114114721540.jpg (500×336)

(lctt: different distributions / passwd behave differently. Centos6.6 didn’t test successfully, but Ubuntu can. )

Example 4: use the – D option to delete the user’s password

Take me as an example to delete the password of “linuxtechi” user.

Copy code

The code is as follows:

[[email protected] ~]# passwd -d linuxtechi
Removing password for user linuxtechi.
passwd: Success
[[email protected] ~]#
[[email protected] ~]# passwd -S linuxtechi
linuxtechi NP 2015-09-20 0 99999 7 -1 (Empty password.)
[[email protected] ~]#

The “- D” option will clear the user password and disable user login.

Example 5: set the password to expire immediately

Using the ‘- E’ option in the passwd command will immediately expire the user’s password, which will force the user to change the password at the next login.

Copy code

The code is as follows:

[[email protected] ~]# passwd -e linuxtechi
Expiring password for user linuxtechi.
passwd: Success
[[email protected] ~]# passwd -S linuxtechi
linuxtechi PS 1970-01-01 0 99999 7 -1 (Password set, SHA512 crypt.)
[[email protected] ~]#

Now try to use Linux tech user SSH to connect to the host.
2015114114721540.jpg (500×336)

Example 6: lock the password of the system user

Using ‘- L’ option in passwd command can lock the user’s password, which will add “!” at the beginning of the password. When his / her password is locked, the user will not be able to change its password.

Copy code

The code is as follows:

[[email protected] ~]# passwd -l linuxtechi
Locking password for user linuxtechi.
passwd: Success
[[email protected] ~]# passwd -S linuxtechi
linuxtechi LK 2015-09-20 0 99999 7 -1 (Password locked.)
[[email protected] ~]#

Example 7: using the – U option to unlock the user password

Copy code

The code is as follows:

[[email protected] ~]# passwd -u linuxtechi
Unlocking password for user linuxtechi.
passwd: Success
[[email protected] ~]#

Example 8: using the – I option to set the inactivity time

Use the – I option in the passwd command to set the inactivity time of system users. When the password of a user (I use a Linux Techi user) has expired, the user will not be able to log in after n days (in my case, 10 days) without changing his password.

Copy code

The code is as follows:

[[email protected] ~]# passwd -i 10 linuxtechi
Adjusting aging data for user linuxtechi.
passwd: Success
[[email protected] ~]#
[[email protected] ~]# passwd -S linuxtechi
linuxtechi PS 2015-09-20 0 99999 7 10 (Password set, SHA512 crypt.)
[[email protected] ~]#

Example 9: use the – N option to set the minimum time for password change

In the following example, linuxtechi users have to change their passwords within 90 days. 0 means the user can change its password at any time.

Copy code

The code is as follows:

[[email protected] ~]# passwd -n 90 linuxtechi
Adjusting aging data for user linuxtechi.
passwd: Success
[[email protected] ~]# passwd -S linuxtechi
linuxtechi PS 2015-09-20 90 99999 7 10 (Password set, SHA512 crypt.)
[[email protected] ~]#

Example 10: use the – W option to set the warning period before password expiration

The ‘- W’ option is used in the passwd command to set the user’s warning period. This means that after n days, his / her password will expire.

Copy code

The code is as follows:

[[email protected] ~]# passwd -w 12 linuxtechi
Adjusting aging data for user linuxtechi.
passwd: Success
[[email protected]ld ~]# passwd -S linuxtechi
linuxtechi PS 2015-09-20 90 99999 12 10 (Password set, SHA512 crypt.)
[[email protected] ~]#