25. passwd command - muneeb-mbytes/linux_course GitHub Wiki

passwd Command

The passwd command is used to changes passwords for user accounts.
A normal user may only change the password for their own account, while the superuser may change the password for any account.
passwd also changes the account or associated password validity period. This task is achieved through calls to the Linux-PAM and libuser API.

passwd [-k] [-l] [-u [-f]] [-d] [-e] [-n mindays] [-x maxdays] [-w warndays] [-i inactivedays] [-S] [--stdin] [username]

Cheat Sheet for all variations of "passwd" commands:

Sr.no	passwd commands with different variations	description
1	passwd -S user	Used to check the status of an user and type of password encryption.
2	passwd -l user	Used to lock the password of a specified account, and it is available to root only.
3	passwd -u user	Used to unlock the password.
4	passwd -d user	Used to deletes the user password.
5	passwd -e user	Used to expire a password for an user account.
6	passwd -n min_days user	Used to sets the minimum number of days before a password cannot be changed.
7	passwd -x max_days user	Used to Set the maximum number of days a password remains valid.
8	passwd -w days user	Used to get a warning message before number of days in advance that the password will expire.
9	passwd -i days user	Used to disable the user account after the inactive_days when password expires and the account will be deactivated.
10	passwd --help	Gives all possible variations available in passwd.

passwd -k user

passwd -S user

shows the account evans was created on 7th September 2020 and has a password set with SHA512 encryption.

The output above shows the account evans was created on 7th September 2020 and has a password set with SHA512 encryption.

passwd-s-final

      Fig-

passwd -l user

The -l option is used to lock the password of a specified account, and it is available to root only.
The result is that the user cannot use the password to log in to the system which means it does not disable the account but prevents the user from logging in using a password but can use other means such as SSH public key authentication.

passwd-l-final

      Fig-2: Using of passwd -l command

passwd -u user

This option is used to unlock the password.

passwd-u-final

      Fig-3: Usage of passwd -u command

passwd -d user

This option deletes the user password and makes the account password-less.

passwd-d-final

      Fig-4: Usage of passwd -d command

passwd -e user

This is a quick way to expire a password for an user account. Then the user will be forced to change the password during the next login attempt.

passwd-e-final

      Fig-5: Usage of passwd -e command

passwd -n min_days user

This sets the minimum number of days before a password cannot be changed. By default, a value of zero is set, which indicates that the user may change their password at any time.

passwd-n-final

      Fig-6: Usage of passwd -n command

In the above Fig-6 the user2 cannot change its own password until 10 days have passed.
Now, run the passwd -S user1 command To confirm the password setting made with the -n option above:

passwd-n1-final

      Fig-7: Using passwd -S command for confirmation

In the above Fig-7 the value of 10 after the date indicates the minimum number of days until a user cannot change the password.

passwd -x days user

This command is used to Set the maximum number of days a password remains valid. After MAX_DAYS, the password is required to be changed.
In below Fig-8 the user2 has to change the password after 90 days.

passwd-x-final

      Fig-8: Usage of passwd -x command

Now, run the passwd -S user1 command To confirm the password setting made with the -x option above:
The value of 10 befor 90 indicates the maximum password lifetime.

passwd-x1-final

      Fig-9: Using passwd -S command for confirmation

passwd -w warn_days user

This will set the number of days in advance the user will begin receiving warnings that the password will expire.
In the below Fig-10 the user will receive warnings that the password will expire 7 days before the expiration.

passwd-w-final

      Fig-10: Usage of passwd -w command

passwd -i inactive_days user

This option is used to disable the user account after the inactive_days when password expires and the account will be deactivated.
The user may no longer sign on to the account after deactivation.
In the below Fig-11 the user account had an inactive_days limit of 5 days after that user will no longer can sign into the account.

passwd-i-final

      Fig-11: Usage of passwd -i command

passwd --help

This command is used to display all possible variations of passwd command.

In the below Fig-12 you can see that by using this command we can see all possible variations of passwd command.

passwd_help (1)

      Fig-12: Usage of passwd --help command

To learn chmod command : https://github.com/muneeb-mbytes/linux_course/wiki/26.-chmod-command