Linux常用命令-passwd

发表于 2020-12-25 分类于 command

命令

passwd

描述

update user’s authentication tokens
更改用户密码

用法

1	passwd [OPTION...] [username]

选项

Options:
  -d  删除密码
  -l  锁定账户
  -u  解锁账户
  -e  强制用户下次登录修改密码
  -f  强制执行
  -x DAYS  密码最长期限
  -n DAYS  密码最短期限
  -w DAYS  密码过期前几天提醒用户
  -i DAYS  密码过期后几天关闭账户
  -S       显示用户密码状态
  --stdin  从标准输入获取新密码

注意

该命令的选项均需要root权限,普通用户仅可以更改自己的密码passwd username
/etc/passwd文件格式分为7部分
username:password(x):UID:GID:GECOS(用户全名或注释):home directory:shell
/etc/shadow文件格式分为8部分
username:加密后的密码:最后一次更改密码的时间(从1970年1月1日起至今的天数):最短密码有效期0天:最长密码有效期99999表示永不过期:密码过期前几天通知用户更改密码:密码过期后几天锁定账户:账户的有效期
密码位置显示为!!号表示锁定用户,禁止登录

示例

# 交互式更改密码
$ grep usera /etc/passwd /etc/shadow
/etc/passwd:usera:x:1002:1002::/home/usera:/bin/sh
/etc/shadow:usera::18620:0:3:7:::
$ passwd usera
Changing password for user usera.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
$ grep usera /etc/passwd /etc/shadow
/etc/passwd:usera:x:1002:1002::/home/usera:/bin/sh
/etc/shadow:usera:$6$5GY4hH4T$s0jV71ZduVbK/24UPLnZwGIu/.l5WxlBkDftGI//1gN.ybOVp.AdvABMT.wnWKNoogUl7I75Jtf4iUBwH/fN0.:18620:0:3:7:::
# 删除密码
$ passwd -d usera
Removing password for user usera.
passwd: Success
$ grep usera /etc/passwd /etc/shadow
/etc/passwd:usera:x:1002:1002::/home/usera:/bin/sh
/etc/shadow:usera::18620:0:3:7:::
# 锁定账户(在密码栏会显示两个!!锁定)
$ passwd -l usera
Locking password for user usera.
passwd: Success
$ grep usera /etc/passwd /etc/shadow
/etc/passwd:usera:x:1002:1002::/home/usera:/bin/sh
/etc/shadow:usera:!!:18620:0:3:7:::
# 强制解锁账户或者重新更改密码即可解锁
$ passwd -uf usera
Unlocking password for user usera.
passwd: Success
$ grep usera /etc/passwd /etc/shadow
/etc/passwd:usera:x:1002:1002::/home/usera:/bin/sh
/etc/shadow:usera::18620:0:3:7:::
# 非交互式更改密码
$ echo "redhat" |passwd --stdin usera
Changing password for user usera.
passwd: all authentication tokens updated successfully.
$ grep usera /etc/passwd /etc/shadow 
/etc/passwd:usera:x:1002:1002::/home/usera:/bin/sh
/etc/shadow:usera:$6$ktTWKRRl$DnXoUb73rKZmc1CsRZqnY4VEQxco6r4uwW8SCABKKMVAajaC8VBMDkd0723/4IJ7geEULHpJ3vVnpx8QEW0s2/:18620:0:3:7:::
# 更改密码不输出任何提示信息
$ echo redhat | passwd --stdin usera &> /dev/null
# 强制用户下次登录修改密码
$ passwd -e usera
Expiring password for user usera.
passwd: Success
$ chage -l usera
Last password change                                    : password must be changed
Password expires                                        : password must be changed
Password inactive                                       : password must be changed
# 设置用户密码策略
$ passwd -x 30 -n 3 -w 7 -i 5 usera
Adjusting aging data for user usera.
passwd: Success
$ chage -l usera
Last password change                                    : Dec 24, 2020
Password expires                                        : Jan 23, 2021
Password inactive                                       : Jan 28, 2021
Account expires                                         : never
Minimum number of days between password change          : 3
Maximum number of days between password change          : 30
Number of days of warning before password expires       : 7
# 查看用户密码状态
$ passwd -S usera
usera PS 2021-02-05 0 99999 7 -1 (Password set, SHA512 crypt.)
$ passwd -S userb
userb LK 2021-02-09 0 99999 7 -1 (Password locked.)