User Management: Passwords

This applies to RedHat Enterprise 4 & 5, and by association to Fedora and CentOS.  It probably works on some other distros as well, but your mileage may vary.

I am constantly having to reset user passwords, as I use the “three failures and your account is locked” schema, as well as set passwords to expire every 60 days.

  1. Lock their account so they don’t log in while you are performing these steps:

  2. Change their password to the temporary password you wish to assign them:

  3. Change the age of this new password to 0 so that the user will be forced to create a new password the next time they log in:

  4. Unlock their account so they can log in again:

That should do it!  If you’d like to learn more about requiring passwords of a certain length/complexity, setting them to auto-expire after a certain length of time, or other password management tricks, check back soon.

About Will Chatham

Will Chatham is the Security Assessment Engineer for Arbor Networks. Since Netscape 2.0, he has worked in a wide array of environments including non-profit, corporate, small business, and government. He started as a web developer, moved into Linux system administration, and ultimately found his place as a security professional. Having most recently conquered the OSCP certification, Will continues to hack his way into various things in an effort to make them more secure.
Bookmark the permalink.

Leave a Reply