- Linux Change Password Command: Change password expiry in Linux
- Change expiry and enter new UNIX password in Linux
- Listing password aging for user
- Change the number of days to expire
- Change the password to never expire
- Change account expiry to specific date
- How to set user password to never expire in Linux/Ubuntu/Docker
- Viewing the user password expiry details.
- The option to set the user password to never expire
- Here is the complete list of options available:
- Linux: Set Password to NEVER Expire
- Set Password to NEVER Expire in Linux
- Non-Expiring password on Linux server
- 7 Answers 7
- Solaris/SunOS:
Linux Change Password Command: Change password expiry in Linux
Linux is one of the most popular operating systems for servers, and Linux also offers a great desktop OS. However, there are some things that can be difficult to understand when you’re new to Linux. One example is passwords expiry – what does this mean? How do you change the expiration date for your password in Linux? How do you change user password, UNIX password, and use the passwd command?
If you’re not in IT services, or sidebar not a techie, the Linux change password command and coding the expiry date can all seem overwhelming. If you can barely remember your username, setting expiration dates is the last thing on your mind. But, Linux change account passwords settings allow you to keep yours and others users in Linux secure. By using the root user and the user root password and the command line chage.
In this article, we’ll answer these questions and more. Keep reading to learn more.
Change expiry and enter new UNIX password in Linux
“chage” is the command to list & change the user password aging information for the change password user account. Use the passwd command chage to change the number of days between user password expiry and the current date. It’s easy to access the chage command line to utilize it in Linux. Think of it as the account password change button in the shadow file.
The change the password notification will be sent and passwords will be set to expire on the date you specify. The valid range is from 0 (today) up until 90 years in future, and if it’s less than today then a warning message pops-up again reminding that the change user password in Linux has already expired.
Here’s a real quick rundown on how to show the expiration date of a particular linux user account. Here are the different settings:
- Listing password aging for user and user accounts
- Change the number of days to expire for the alert to change user password on the account
- Change the password to never expire so you have control and can change your own password
- Change account expiry to a specific date to change the password
Let’s explore how to use this command in the terminal!
Listing password aging for user
chage command with option -l shows the expiry details of a specific user. This sudo command allows users to plan on a new password the next time the user’s password is set to expire.
In this example, the user’s last new password change was on Dec 25th 2017 and it expires in 90 days. The user will be notified within login 7 days before expiry.
[root@centos01 ~]# chage -l demouser Last password change : Dec 25, 2017 Password expires : never Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 90 Number of days of warning before password expires : 7 [root@centos01 ~]#
Change the number of days to expire
Use -M option and provide the number of days to expiry. You can see in the example below, the user can change to their new password the next time it’s required, in 180 days.
Some of the reasons you might want to change the number of days to expiry are to enforce a more stringent new password policy, to force the user into changing their passwords on time, to take over the account with the sysadmin, doubling back to the root user, etc.
[root@centos01 ~]# chage -M 120 demouser [root@centos01 ~]# chage -l demouser Last password change : Jan 25, 2018 Password expires : May 25, 2018 Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 120 Number of days of warning before password expires : 7 [root@centos01 ~]#
Change the password to never expire
You can use chage to make the user’s password never expire with the below options. This sets the user password/UNIX password to never expire. Some reasons why you may want to switch to the password never expiring are if you’re sharing the account with a co-worker or if it is for your personal use.
This way neither one of you will be left in the lurch if you forget your password. You simply manage the root access passwd and type passwd command to change it yourself when needed.
You can also set the number of days to change and how many warnings you want before it expires with chage. Be careful to keep track of your passwords and to set the correct number of days for your user password.
This command will create an expiration date that is in never part, so it won’t expire at all: PASSWORD_MAXAGE=never chage -M 0 username . A maximum password age can be specified as a time span with units such (years) or (-m):
Option one: -M199200 — this will set the Linux password to never expire and then change user password expires attribute from “never” (default)to NEVER (-1201). The screen looks like this.
[root@centos01 ~]# chage -m 0 -M 99999 -I -1 -E -1 demouser [root@centos01 ~]# chage -l demouser Last password change : Jan 25, 2018 Password expires : never Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7 [root@centos01 ~]#
Change account expiry to specific date
You can set the user password commands or UNIX password and the entire account distribution to expire on a specific date or +N number of days from the current date.
Some of the reasons this is helpful are when you are testing a potential new employee and whether the information they gave is accurate, and want the user password to expire after the test window is done. When the file is set to expire, or when an employee is terminated, etc shadow.
All of this is done with one command: ot@centos01 ~] #chage -E +21 demouser (type in your password and answer y)[/size][/li][line break=true
To set an expiration date, use: chage username +N days from now.
Here are the examples using chage -E option.
[root@dev01 ~]# chage -E 2019-05-12 demouser or [root@dev01 ~]# chage -E $(date -d +180days +%Y-%m-%d) demouser [root@dev01 ~]# chage -l demouser Last password change : never Password expires : never Password inactive : never Account expires : May 12, 2019 Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7 [root@dev01 ~]#
How to set user password to never expire in Linux/Ubuntu/Docker
Linux, Ubuntu, and Linux-based Docker images, the password expiry can be set by using the change command.
chage - change user password expiry information
Let us explore it in detail.
Viewing the user password expiry details.
To view the current password expiry date, use the -l option
[email protected]:~# chage -l codex Last password change : Sep 28, 2020 Password expires : Oct 08, 2020 Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 10 Number of days of warning before password expires : 7
The option to set the user password to never expire
To make the user password never expire, set the MAX_DAYS to -1 (minus one)
[email protected]:~# chage -l codex Last password change : Sep 28, 2020 Password expires : never Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : -1 Number of days of warning before password expires : 7
Here is the complete list of options available:
Usage: chage [options] LOGIN Options: -d, --lastday LAST_DAY set date of last password change to LAST_DAY -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE -h, --help display this help message and exit -i, --iso8601 use YYYY-MM-DD when printing dates -I, --inactive INACTIVE set password inactive after expiration to INACTIVE -l, --list show account aging information -m, --mindays MIN_DAYS set minimum number of days before password change to MIN_DAYS -M, --maxdays MAX_DAYS set maximum number of days before password change to MAX_DAYS -R, --root CHROOT_DIR directory to chroot into -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
Reference: Ubuntu – change command man page
Note: This is tested on Ubuntu Linux, the same should work across most Linux distributions and Linux-based containers.
Linux: Set Password to NEVER Expire
If your Linux user’s password is about to expire, you may see a message as follows on your login screen:
Warning: Your password will expire in X days
In this note i will show how to disable the Linux user’s password expiration from the command line using the chage command.
Cool Tip: How to generate a password hash for /ect/shadow in Linux! Read more →
Set Password to NEVER Expire in Linux
To check a user’s password expiration settings in Linux, use the chage command:
$ chage -l - sample output - Last password change : Sep 30, 2021 Password expires : Dec 29, 2021 Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 90 Number of days of warning before password expires : 7
To set the Linux user’s password to never expire in an interactive mode:
$ sudo chage - sample output - Changing the aging information for Enter the new value, or press ENTER for the default Minimum Password Age [0]: Enter Maximum Password Age [90]: 99999 Last Password Change (YYYY-MM-DD) [2021-09-30]: Enter Password Expiration Warning [7]: Enter Password Inactive [-1]: Enter Account Expiration Date (YYYY-MM-DD) [-1]: Enter
To turn off the Linux user’s password expiration non-interactively:
$ sudo chage -I -1 -m 0 -M 99999 -E -1
Ensure that the user’s password expiration settings have changed:
$ chage -l - sample output - Last password change : Sep 30, 2021 Password expires : never Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7
Cool Tip: Generate a random password from the Linux command line! Read more →
Non-Expiring password on Linux server
I’d like to set up an account on a linux server and make the account’s password never expire. I’m having difficulties figuring it out with the passwd man page. Could someone please help me out?
7 Answers 7
To maximize password expiration:
To disable account expiration:
To set the system defaults, look at /etc/default/useradd
Solaris/SunOS:
Turn off aging while allowing user to retain current password
Force user to change password at next login, and then turn off aging
(Hopefully this helps someone out)
You want the chage command you just set the account minimum password to a rediculously long time like 9999999999 days.
The complete command to mitigate any other previous configurations is the following:
chage -E -1 -M -1 -I -1 username
AIX: Non expiring password
Changing user history size
change the users password
Clear flags that tells the OS to reset password on login (after password reset)
If you do not want to cause any commotion by editing your user history size you can use the following command to change the security file to say that the last time you reset your password is always today’s date. You can export this in your .profile file so it runs every time you log in as well.
chsec -f /etc/security/passwd -s -a lastupdate=`date +%s`
Here is a full example of chage command (Change age) about Linux expiration password: Completely disable password expiration and account:
-m 0 : Minimum number of days for the password change. -M 99999 : Maximum number of days a password change. -I -1 : We set: "Password inactive" never. -E -1 : We set: "Expires Account" never.
The example username is: sysadmit
[root@linux1~] # chage -m 0 -M 99999 -I -1 -1 -E sysadmit [root@linux1~] # chage --list sysadmit Last password change: July 15, 2017 Password expires: never Password inactive: never Account expires: never Minimum number of days Between password change: 0 Maximum number of days Between password change: 99999 Number of days of warning before Expires password 7