chage

Modify the validity period of account and password

Supplementary instructions

chage command is used to modify the validity period of the account and password.

grammar

chage [options] username

Options

-m: Minimum number of days that the password can be changed. A value of zero means the password can be changed at any time.
-M: Maximum number of days the password remains valid.
-w: The number of days to receive warning messages in advance before the user's password expires.
-E: Account expiration date. After this day, this account will be unavailable.
-d: The date of the last change.
-I: period of stagnation. If a password has expired these days, then the account will be unavailable.
-l: Example of the current settings. It is up to non-privileged users to determine when their passwords or accounts expire.

Example

You can edit /etc/login.defs to set several parameters. In the future, the password will be set by default according to the parameter settings:

PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7

Of course, you can find the following two parameters to set in /etc/default/useradd:

# useradd defaults file
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes

By modifying the configuration file, it can be used for new users in the future. Users that already exist in the system can be configured directly using chage.

My server root account password policy information is as follows:

chage -l root

Last password change date: March 12, 2013
Password expiration time: Never
Password expiration time: Never
Account expiration: Never
Minimum number of days between password changes: 0
Maximum number of days between password changes: 99999
Number of days to warn before password expires: 7

I can modify my password expiration time with the following command:

chage -M 60 root
chage -l root

Last password change date: March 12, 2013
Password expiration date: May 11, 2013
Password expiration time: Never
Account expiration: Never
Minimum number of days between password changes: 0
Maximum number of days between password changes: 60
Number of days to warn before password expires: 9

Then set the password expiration time through the following command:

chage -I 5 root
chage -l root

Last password change date: March 12, 2013
Password expiration date: May 11, 2013
Password expiration date: May 16, 2013
Account expiration: Never
Minimum number of days between password changes: 0
Maximum number of days between password changes: 60
Number of days to warn before password expires: 9

As you can see from the above command, the password automatically expires 5 days after the password expires, and the user will no longer be able to log in to the system.