User Management: Passwords

This applies to RedHat Enterprise 4 & 5, and by association to Fedora and CentOS.  It probably works on some other distros as well, but your mileage may vary.

I am constantly having to reset user passwords, as I use the “three failures and your account is locked” schema, as well as set passwords to expire every 60 days.

  1. Lock their account so they don’t log in while you are performing these steps:

    #&gt; usermod -L <em>username</em>

  2. Change their password to the temporary password you wish to assign them:

    #&gt; passwd <em>username
    </em>(Enter the password when prompted<em>)
    </em>

  3. Change the age of this new password to 0 so that the user will be forced to create a new password the next time they log in:

    #&gt; chage -d 0 <em>username</em>

  4. Unlock their account so they can log in again:

    #&gt; usermod -U <em>username</em>

That should do it!  If you’d like to learn more about requiring passwords of a certain length/complexity, setting them to auto-expire after a certain length of time, or other password management tricks, check back soon.

About Will Chatham

Will Chatham is a Cyber Security Analyst, Ethical Hacker, and Penetration Tester at a federal data center in Asheville, NC. Since Netscape 2.0, he has worked in a wide array of environments including non-profit, corporate, small business, and government. His varied background, from developer to search engine optimizer to security professional, has helped him build a wide range of skills that help those with whom he works and teaches.
Bookmark the permalink.

Leave a Reply