Locking and Unlocking users in linux

Posted: March 31, 2015 in RHCSS
Tags: , ,

In this article i will show you all the different methods and tricks to lock and unlock users in linux.For testing this lab i am using RedHat Enterprise Linux.If you are a linux admin or a linux learner you must know how to unlock locked users in linux and also you must have idea about all the methodology to lock a user in linux.

In this article i will mention all those users locking tricks step wise along with method to unlock them.

(1)First Method to Lock a user here username is satish:

[root@localhost ~]# passwd -l satish
Locking password for user satish.
passwd: Success

 

Now to unlock users locked in this way we use below command.

[root@localhost ~]# passwd -uf satish
Unlocking password for user satish.
passwd: Success.
[root@localhost ~]#

 

(2)Second Method to lock a user:

[root@localhost ~]# usermod -p “*” satish

 

Note:After executing this command when you see /etc/shadow file you will see output something like this.

satish:*:16525:0:99999:7:::

 

Now to unlock users locked in this way just type below command.

[root@localhost ~]# passwd satish
Changing password for user satish.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

 

(3)Third method to lock a user in linux.

[root@localhost ~]# usermod -s /sbin/nologin satish

 

Now to unock users locked in this way type below command.

[root@localhost ~]# usermod -s /bin/bash satish

 

Linux display password status

passwd    -S   username

if its output is  L  then its locked.
if its output is  p  then account has a usable power.
if its output is  np  then it means no password.

Now see the output very carefully for every action.

 

[root@localhost ~]# passwd -S satish
satish PS 2015-03-31 0 99999 7 -1 (Password set, MD5 crypt.)

 

(4) Fourth method to Lock a user in Linux:

[root@localhost ~]# usermod -p “*” satish
[root@localhost ~]# passwd -S satish
satish LK 2015-03-31 0 99999 7 -1 (Alternate authentication scheme in use.)

Now i am going to lock the user and then see the password status of user satish.

[root@localhost ~]# passwd -l satish

Locking password for user satish.
passwd: Success

[root@localhost ~]# passwd -S satish
satish LK 2015-03-31 0 99999 7 -1 (Alternate authentication scheme in use.)

 

Now i am going to delete the password of user satish and then see password status of user satish.

[root@localhost ~]# passwd -d satish
Removing password for user satish.
passwd: Success
[root@localhost ~]# passwd -S satish
satish NP 2015-03-31 0 99999 7 -1 (Empty password.)

 

Now we are going to list the password and its related details of an user in linux.

#chage –list username

or

#chage -l username

You can use any of above command to list the user password related info.

[root@localhost ~]# chage –list satish
Last password change                                    : Mar 31, 2015
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7

 

Now learn how to set  password expiry date for an user in linux.

#chage    -M   no of days   username

 

[root@localhost ~]# chage -M 10 satish

[root@localhost ~]# chage –list satish
Last password change                                    : Mar 31, 2015
Password expires                                        : Apr 10, 2015
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 10
Number of days of warning before password expires       : 7

 

 If anyone of you have any other trick to lock and unlock a user in linux feel free to share your knowledge.

Comments
  1. vinay says:

    in case of LK i.e. Alternate authentication method is in use, does it means that there is no password or password is there and locked for change?

    Like

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s