HPE Community
Operating System - Linux
1829404 Members
1987 Online
109991 Solutions
New Discussion

Some clarification on Password aging on Linux servers

 
bullz
Super Advisor

‎06-18-2010 03:44 AM

‎06-18-2010 03:44 AM

Some clarification on Password aging on Linux servers

Hi Crew,

Some clarification on Password aging on Linux servers

I have bunch of users, few are already expired, due to this, cron jobs are failing.
Now, I have come to a decision that, all the non-admin users which are present on server should be set to non-expiry and inactive option need to be disabled.

If I set a non-expiry for users (passwd –x -1 username), which are already expired, will it work properly after this?

Also, can I use usermod –f -1 username for inactive? ( inactive = if the user not logged in for some amount of time )

Please post your thoughts for removing password aging on linux servers?

Passwd –x -1 username
Usermod –f -1 username
0 Kudos
5 REPLIES 5
Ivan Ferreira
Honored Contributor

‎06-18-2010 05:54 AM

‎06-18-2010 05:54 AM

Re: Some clarification on Password aging on Linux servers

chage -I -1 -m 0 -M 99999 -E -1
chage -l

>>> few are already expired, due to this, cron jobs are failing

I did not know that cron jobs fails if the user account is expired.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
P Muralidhar Kini
Honored Contributor

‎06-18-2010 06:00 AM

‎06-18-2010 06:00 AM

Re: Some clarification on Password aging on Linux servers

Hi Bullz,

>> Please post your thoughts for removing password aging on linux servers?
Refer the following links -
* Linux turn OFF password expiration / aging
http://www.cyberciti.biz/tips/setting-off-password-aging-expiration.html

* 7 Examples to Manage Linux Password Expiration and Aging Using chage
http://www.thegeekstuff.com/2009/04/chage-linux-password-expiration-and-aging/

Hope this helps.

Regards,
Murali
Let There Be Rock - AC/DC
0 Kudos
Matti_Kurkela
Honored Contributor

‎06-18-2010 10:21 AM

‎06-18-2010 10:21 AM

Re: Some clarification on Password aging on Linux servers

Disabling password aging for *all* users because of cron jobs might be a massive overkill, because it's easy to identify the users that have cron jobs configured:

# ls /var/spool/cron/crontabs/

If a user has a cron job configured, there will be a file in this directory: the filename will be equal to the username.

You should always use the "crontab" command to manipulate these files (or else the cron daemon may become confused), but viewing the directory and its files to identify cron job users is certainly possible.

MK
MK
0 Kudos
P Muralidhar Kini
Honored Contributor

‎06-20-2010 12:06 AM

‎06-20-2010 12:06 AM

Re: Some clarification on Password aging on Linux servers

Hi Bullz,

>> Passwd -x -1 username
The -x option is used to set the password lifetime in days.
This however applies only to root.

Check the following link for more details -
http://linux.about.com/od/commands/l/blcmdl1_passwd.htm

>> Usermod -f -1 username

The -f option control when the account gets disabled, once the password gets
expired. Value of 0 means disable immediately. Value of -1 means the feature
is disabled. Note default value is -1.

Check the following link for more details -
http://linux.about.com/od/commands/l/blcmdl8_usermod.htm

The links provided in my previous response should help you manage the
password aging.

Regards,
Murali
Let There Be Rock - AC/DC
0 Kudos
bullz
Super Advisor

‎07-04-2010 01:49 PM

‎07-04-2010 01:49 PM

Re: Some clarification on Password aging on Linux servers

Thanks all
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.