In this article i will show you all the different methods and tricks to lock and unlock users in linux.For testing this lab i am using RedHat Enterprise Linux.If you are a linux admin or a linux learner you must know how to unlock locked users in linux and also you must have idea about all the methodology to lock a user in linux.
You can also read:
User and Group management tutorial in Linux Part-1
User and Group management tutorial in Linux Part-2
User and Group management tutorial in Linux Part-3
In this article i will mention all those users locking tricks step wise along with method to unlock them.
(1)First Method to Lock a user here username is satish:
[root@localhost ~]# passwd -l satish
Locking password for user satish.
passwd: Success
Now to unlock users locked in this way we use below command.
[root@localhost ~]# passwd -uf satish
Unlocking password for user satish.
passwd: Success.
[root@localhost ~]#
(2)Second Method to lock a user:
[root@localhost ~]# usermod -p “*” satish
Note:After executing this command when you see /etc/shadow file you will see output something like this.
satish:*:16525:0:99999:7:::
Now to unlock users locked in this way just type below command.
[root@localhost ~]# passwd satish
Changing password for user satish.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
(3)Third method to lock a user in linux.
[root@localhost ~]# usermod -s /sbin/nologin satish
Now to unock users locked in this way type below command.
[root@localhost ~]# usermod -s /bin/bash satish
Linux display password status
passwd -S username
if its output is L then its locked.
if its output is p then account has a usable power.
if its output is np then it means no password.
Now see the output very carefully for every action.
[root@localhost ~]# passwd -S satish
satish PS 2015-03-31 0 99999 7 -1 (Password set, MD5 crypt.)
(4) Fourth method to Lock a user in Linux:
[root@localhost ~]# usermod -p “*” satish
[root@localhost ~]# passwd -S satish
satish LK 2015-03-31 0 99999 7 -1 (Alternate authentication scheme in use.)
Now i am going to lock the user and then see the password status of user satish.
[root@localhost ~]# passwd -l satish
Locking password for user satish.
passwd: Success
[root@localhost ~]# passwd -S satish
satish LK 2015-03-31 0 99999 7 -1 (Alternate authentication scheme in use.)
Now i am going to delete the password of user satish and then see password status of user satish.
[root@localhost ~]# passwd -d satish
Removing password for user satish.
passwd: Success
[root@localhost ~]# passwd -S satish
satish NP 2015-03-31 0 99999 7 -1 (Empty password.)
Now we are going to list the password and its related details of an user in linux.
#chage –list username
or
#chage -l username
You can use any of above command to list the user password related info.
[root@localhost ~]# chage –list satish
Last password change : Mar 31, 2015
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
Now learn how to set password expiry date for an user in linux.
#chage -M no of days username
[root@localhost ~]# chage -M 10 satish
[root@localhost ~]# chage –list satish
Last password change : Mar 31, 2015
Password expires : Apr 10, 2015
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 10
Number of days of warning before password expires : 7
If anyone of you have any other trick to lock and unlock a user in linux feel free to share your knowledge.
Learn Linux CCNA CEH IPv6 Cyber-Security Online 
in case of LK i.e. Alternate authentication method is in use, does it means that there is no password or password is there and locked for change?
LikeLiked by 1 person