HPE Community
Operating System - Linux
1828235 Members
2318 Online
109975 Solutions
New Discussion

How to force a password change?

 
Bolek Mynarski
Frequent Advisor

‎06-20-2000 11:13 AM

‎06-20-2000 11:13 AM

How to force a password change?

O.K. I posted this message in the RedHat newsgroup but no go.

On HP-UX, setting someone's password with an -f parameter, will force that user to change his/her password next time the log on, like so:

passwd -f user

In Linux, it has a completely different meaning. I was browsing through man pages on passwd but could not find anything that would remotely resemble my "passwd -f" from HP-UX.

Any ideas?

Thanks.
It'snever too late to learn new things...
0 Kudos
Reply
14 REPLIES 14
Albert E. Whale, CISSP
Honored Contributor

‎06-20-2000 12:54 PM

‎06-20-2000 12:54 PM

Re: How to force a password change?

Boleslaw,

The command you are looking for is called chage. I believe that you need the shadow password package inorder to manipulate the password age and expiration dates.

I have attached the man Page for you.

Chage is part of the Shadow Utils Package.

I am running Linux Mandrake 7.0, but I'm sure there are similar tools available at your local RedHat RPM Mirror.

[root@offsite1 /root]# which chage
/usr/bin/chage
[root@offsite1 /root]# rpm -qf /usr/bin/chage
shadow-utils-19990827-3mdk
[root@offsite1 /root]#


Hope that helps!
Sr. Systems Consultant @ ABS Computer Technology, Inc. http://www.abs-comptech.com/aewhale.html & http://www.ancegroup.com
0 Kudos
Reply
Bolek Mynarski
Frequent Advisor

‎06-20-2000 04:57 PM

‎06-20-2000 04:57 PM

Re: How to force a password change?

Hi Albert,

That's not what I'm looking for. "chage" would be an equivalent of secure accounts on HP-UX. What I am looking for is something as simple as (taken from HP-UX):

passwd -f user

which will force that user to change his/her password at the next logon. No fooling around with password age, minimum and maximum number of days and so on. :-(

So far, this is the only shortcoming I've seen on part of Linux in comparison to HP-UX (except for LVM which would be a killer app if Linux had it).
It'snever too late to learn new things...
0 Kudos
Reply
Dan Am
Frequent Advisor

‎06-21-2000 01:39 AM

‎06-21-2000 01:39 AM

Re: How to force a password change?

to my surprise: you seem to be right.
but you can handle it, by adding :
-----
if [ -e .pw_lock ]
then
passwd
rm .pw_lock
fi
-----
to users .profile.


then write a script "pwforce" or s'thing
containing:
-----
touch /home/$1/.pw_lock
chown $1 /home/$1/.pw_lock
-----
$1 being your user and assuming your HOME-dirs have the naming-convention
/home/
do what you can. don't if you can't.
0 Kudos
Reply
Dan Am
Frequent Advisor

‎06-21-2000 01:43 AM

‎06-21-2000 01:43 AM

Re: How to force a password change?

BTW:

Suse-Distro has LVM. Bit shaky still, esp.
when you set it up, but works on this very machine, striping and all.
do what you can. don't if you can't.
0 Kudos
Reply
Albert E. Whale, CISSP
Honored Contributor

‎06-21-2000 05:39 AM

‎06-21-2000 05:39 AM

Re: How to force a password change?

Boleslaw,

I believe that if you use:
chage -M 0

you will acheive the same functionality.

Here's the excerpt I am reading from the man pages.

With the -M option, the value of maxdays is the maximum number of days during which a password is valid. When maxdays plus lastday is less than the current day, the user will be required to change her password before being able to use her account. This occurance can be planned for in advance by use of the -W option, which provides the user with advance warning.

Hope this helps.
Sr. Systems Consultant @ ABS Computer Technology, Inc. http://www.abs-comptech.com/aewhale.html & http://www.ancegroup.com
0 Kudos
Reply
Bolek Mynarski
Frequent Advisor

‎06-21-2000 11:38 AM

‎06-21-2000 11:38 AM

Re: How to force a password change?

Hi Albert,

I read man pages too. After trying it (last night) and today (one more time with chage -M 0 user), I'm getting this:

Warning: your password will expire in -2 days

and you can happily login with the same password over and over again.

I'll take a look at the script way later on but it already seems like it's going to be a lot of hassle. I miss my passwd -f user from HP-UX :-(
It'snever too late to learn new things...
0 Kudos
Reply
Albert E. Whale, CISSP
Honored Contributor

‎06-21-2000 12:00 PM

‎06-21-2000 12:00 PM

Re: How to force a password change?

Boleslaw,

We're going to solve this yet, but I need a few points to conitnue this train ....

Then send us the following

chage -l

I want to see what the 2 days is, Probably a warnign field which needs to be reset in order to take effect immediately.

Don't give up on chage yet.
Sr. Systems Consultant @ ABS Computer Technology, Inc. http://www.abs-comptech.com/aewhale.html & http://www.ancegroup.com
0 Kudos
Reply
Michael Worsham
Occasional Advisor

‎10-02-2001 10:24 AM

‎10-02-2001 10:24 AM

Re: How to force a password change?

Take a look at www.google.com and search for 'password aging'. Note that this can only be done on Linux systems that are using shadowed passwords.

For addition reference, check:
http://www.cis.ohio-state.edu/~mamrak/CIS762/unix_encryption_tut.html
http://www.linux.com/howto/Shadow-Password-HOWTO-7.html
Be lazy. Do it right the first time.
0 Kudos
Reply
Brian Roberson
New Member

‎12-18-2001 02:06 PM

‎12-18-2001 02:06 PM

Re: How to force a password change?

CHANGELOG FROM shadow-utils:
shadow-960129 => shadow-960810
- SunOS4-like passwd -e (force change on next login) (isexpired.c, passwd.c)
0 Kudos
Reply
Jonathan Pulfer
New Member

‎01-17-2002 10:27 AM

‎01-17-2002 10:27 AM

Re: How to force a password change?

try

passwd -x user

Cheers
John
0 Kudos
Reply
Christoph Rothe_3
Frequent Advisor

‎03-12-2002 02:44 AM

‎03-12-2002 02:44 AM

Re: How to force a password change?

Hi,

I think I got a solution:

chage supports an option -d which sets the date of last password change.

So if you want to force your user to change his/her passwort after 90 days, you would enter the following command:

chage -M 90 username

Now you want him to change his passwort immediately, so today (12.03.2002) you would do the following

chage -M 90 -d 12.12.2001 username

I think it would be much easier to let the computer do the work...

I did not test this but possibly this could work to calculated the date in UNIX time format.

bc `date +%s` - (24*60*60*90)

Unfortunately I do not know how to convert this back to a normal date format.

Christoph
0 Kudos
Reply
Christopher C. Weis
Advisor

‎03-13-2002 09:20 PM

‎03-13-2002 09:20 PM

Re: How to force a password change?

The man page is not written particularly well, but the following has been tested and works...

prompt> chage -d 0 username

or...

chage the third field in /etc/shadow entry to a 0 (zero, not capital "o").

I hope this helps.
0 Kudos
Reply
Bjoern Myrland
Advisor

‎03-14-2002 07:22 AM

‎03-14-2002 07:22 AM

Re: How to force a password change?

This should work:
# chage -m0 -M99999 -d0 login_name
0 Kudos
Reply
solution42
New Member

‎08-09-2002 03:11 AM

‎08-09-2002 03:11 AM

Re: How to force a password change?

Hello

On my linux work:

passwd -e username
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.