Disable / Turn Off Linux Password expiration / Aging

Yep, another personal reference and to think that I should know these stuff by heard. Well, most of the servers I am handling now are solaris and for particular example, it’s for Linux..

I guess there will be some similarities but for this post, we’ll take Redhat linux as an example:

The command is chage (looks like a misspelled ‘change’ right? It’s actually “Change” “Age”)

/etc/shadow stores actual password in encrypted format for user’s account with additional properties related to user password.

The password expiration information for a user is contained in the last 6 fields. Password expiration for a select user can be disabled by editing the /etc/shadow file

However I recommend using chage command. The chage command changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change his/her password.

To list current aging type chage command as follows:

# chage -l rg49945
Minimum: 0
Maximum: 99999
Warning: 7
Inactive: -1
Last Change: Jun 07, 2011
Password Expires: Never
Password Inactive: Never
Account Expires: Never
#
# chage -l ct92623
Minimum: 0
Maximum: 99999
Warning: 7
Inactive: -1
Last Change: Jun 07, 2011
Password Expires: Never
Password Inactive: Never
Account Expires: Never
#
# passwd rg49945
Changing password for user rg49945.
New password:
Re-enter new password:
Password changed.
passwd: all authentication tokens updated successfully.
#
# passwd ct92623
Changing password for user ct92623.
New password:
Re-enter new password:
Password changed.
passwd: all authentication tokens updated successfully.

Leave a Reply

Your email address will not be published. Required fields are marked *