Linux Accounts Password Rules

Check Current Password Expiry Settings

Before making any changes, you may want to check the current password expiry settings for the user. You can do this by running the chage -l <username> command, replacing <username> with the name of the user whose password expiry settings you want to view.

sudo chage -l <username>

Change Password Expiry Settings

To change the password expiry period of Linux accounts, run the chage command, as below:

[sysadmin@controller-0 ~(keystone_admin)]$ sudo chage -M <days_to_expiry> <username>

For example, to set the maximum number of days before the password must be changed to 60 days for a user named sysadmin, you can use the following command:

[sysadmin@controller-0 ~(keystone_admin)]$ sudo chage -M 60 sysadmin

Verify Changes

After making the changes, verify that the new password expiry settings have been applied by running the chage -l <username> command again.

chage -l <username>

For the example above of user sysadmin and expiry period of 60 days, the output of chage -l <username> should be as follows:

[sysadmin@controller-0 ~(keystone_admin)]$ chage -l sysadmin
Last password change                                : abr 30, 2024
Password expires                                    : jun 29, 2024
Password inactive                                   : never
Account expires                                     : never
Minimum number of days between password change      : 0
Maximum number of days between password change      : 60
Number of days of warning before password expires   : 7