Linux is a multi-user Operating System where multiple users collaborate to develop applications. Each user has its own password that authorizes this user to access private data. However, the admin of the system can change the password of these users. The passwd command is used to perform this task. In this article, we will discuss the options and examples of the passwd command in Linux.
passwd Command in Linux
In Linux, the passwd command is used to alter user account passwords. The root user has the ability to change the password for any user on the system, but a normal user can only change his or her own account password. The syntax is:
passwd [options] [username]
Displays the command's help and options
This option removes the user's password, leaving the account without any password.
Lock the user's password. This appends a character '!' to the user's encrypted password, rendering it unmatchable with any of the entered password combinations. This does not deactivate the account, but it does prohibit the user from using a password to log in. Other authentication methods, such as ssh keys, can be used to log in to the account.
This option requires the user to change their password on their next login by instantly expiring the account password.
-i, –inactive N
This option is followed by an integer, N, which is the number of days after which the account will be suspended when the password expires.
You can use this option if you only want to update the password after it has expired. Even though you requested a password change, it preserves the authentication tokens for the authentication if the password has not yet expired. Note that if a user's expiration period is set to 99999, this option will not keep tokens and will change the password.
-n, –mindays M
Set ‘M’ as the minimum number of days between password changes, preventing the user from changing the password for a given minimum number of days.
This is the option for silent mode. The message "Changing password for [user]" that is typically printed before changing a password is not repeated when using this option to change a password.
-r, –repository “REPOSITORY”
Change the password for the given repository with this option.
-R, –root CHROOT DIR
Make modifications in the CHROOT DIR directory and utilize the CHROOT DIR directory's configuration files. Because CHROOT DIR is a subdirectory of the root, it can't access the configuration files outside of CHROOT DIR.
Displays the user's password status (7 fields) in the format below.
The user's login name is the first field.
The second column specifies whether the user account has a password that is locked (L), has no password (NP), or has a password that is readable (U) (P).
The date of the most recent password change appears in the third field.
The password's minimum age, maximum age, warning period, and inactivity period are the following four fields. Days are used to indicate these ages.
-S [, –status] -a [, –all]
This combination of options displays the current status of all users' passwords. It's worth noting that you can't use -a or –all without the -S option.
Unlock an account's password.
-w, –warndays WARNING_DAYS
This option is used to change the number of days until the password expires, as well as to display a password expiration warning.
-x, –maxdays N
Set the maximum number of days the password will be valid for. The password will expire after a given number of days, and the user will be compelled to reset it.
In this article, we went through the passwd command in Linux, which is used to perform configurations on the passwords of the user. It provides various features like unlocking a user’s password, deleting a password, adding a password, getting the status of the password, etc.
People are also reading: