Linux Accounts Password Rules¶
Check Current Password Expiry Settings
Before making any changes, you may want to check the current password expiry
settings for the user. You can do this by running the chage -l
<username> command, replacing <username>
with the name of the user whose
password expiry settings you want to view.
sudo chage -l <username>
Change Password Expiry Settings
To change the password expiry period of Linux accounts, run the chage command, as below:
[sysadmin@controller-0 ~(keystone_admin)]$ sudo chage -M <days_to_expiry> <username>
For example, to set the maximum number of days before the password must be
changed to 60 days for a user named sysadmin
, you can use the following
command:
[sysadmin@controller-0 ~(keystone_admin)]$ sudo chage -M 60 sysadmin
Verify Changes¶
After making the changes, verify that the new password expiry settings have been applied by running the chage -l <username> command again.
chage -l <username>
For the example above of user sysadmin
and expiry period of 60 days, the
output of chage -l <username>
should be as follows:
[sysadmin@controller-0 ~(keystone_admin)]$ chage -l sysadmin
Last password change : abr 30, 2024
Password expires : jun 29, 2024
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 60
Number of days of warning before password expires : 7