This applies to RedHat Enterprise 4 & 5, and by association to Fedora and CentOS. It probably works on some other distros as well, but your mileage may vary.
I am constantly having to reset user passwords, as I use the “three failures and your account is locked” schema, as well as set passwords to expire every 60 days.
- Lock their account so they don’t log in while you are performing these steps:1#> usermod -L username
- Change their password to the temporary password you wish to assign them:123#> passwd username/em>(Enter the password when promptedem>)/em>
- Change the age of this new password to 0 so that the user will be forced to create a new password the next time they log in:1#> chage -d 0 username
- Unlock their account so they can log in again:1#> usermod -U username
That should do it! If you’d like to learn more about requiring passwords of a certain length/complexity, setting them to auto-expire after a certain length of time, or other password management tricks, check back soon.