Linux常用命令-passwd

命令

passwd

描述

update user’s authentication tokens
更改用户密码

用法

1
passwd [OPTION...] [username]

选项

1
2
3
4
5
6
7
8
9
10
11
12
Options:
-d 删除密码
-l 锁定账户
-u 解锁账户
-e 强制用户下次登录修改密码
-f 强制执行
-x DAYS 密码最长期限
-n DAYS 密码最短期限
-w DAYS 密码过期前几天提醒用户
-i DAYS 密码过期后几天关闭账户
-S 显示用户密码状态
--stdin 从标准输入获取新密码

注意

该命令的选项均需要root权限,普通用户仅可以更改自己的密码passwd username
/etc/passwd文件格式分为7部分
username:password(x):UID:GID:GECOS(用户全名或注释):home directory:shell
/etc/shadow文件格式分为8部分
username:加密后的密码:最后一次更改密码的时间(从1970年1月1日起至今的天数):最短密码有效期0天:最长密码有效期99999表示永不过期:密码过期前几天通知用户更改密码:密码过期后几天锁定账户:账户的有效期
密码位置显示为!!号表示锁定用户,禁止登录

示例

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
# 交互式更改密码
$ grep usera /etc/passwd /etc/shadow
/etc/passwd:usera:x:1002:1002::/home/usera:/bin/sh
/etc/shadow:usera::18620:0:3:7:::
$ passwd usera
Changing password for user usera.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
$ grep usera /etc/passwd /etc/shadow
/etc/passwd:usera:x:1002:1002::/home/usera:/bin/sh
/etc/shadow:usera:$6$5GY4hH4T$s0jV71ZduVbK/24UPLnZwGIu/.l5WxlBkDftGI//1gN.ybOVp.AdvABMT.wnWKNoogUl7I75Jtf4iUBwH/fN0.:18620:0:3:7:::
# 删除密码
$ passwd -d usera
Removing password for user usera.
passwd: Success
$ grep usera /etc/passwd /etc/shadow
/etc/passwd:usera:x:1002:1002::/home/usera:/bin/sh
/etc/shadow:usera::18620:0:3:7:::
# 锁定账户(在密码栏会显示两个!!锁定)
$ passwd -l usera
Locking password for user usera.
passwd: Success
$ grep usera /etc/passwd /etc/shadow
/etc/passwd:usera:x:1002:1002::/home/usera:/bin/sh
/etc/shadow:usera:!!:18620:0:3:7:::
# 强制解锁账户或者重新更改密码即可解锁
$ passwd -uf usera
Unlocking password for user usera.
passwd: Success
$ grep usera /etc/passwd /etc/shadow
/etc/passwd:usera:x:1002:1002::/home/usera:/bin/sh
/etc/shadow:usera::18620:0:3:7:::
# 非交互式更改密码
$ echo "redhat" |passwd --stdin usera
Changing password for user usera.
passwd: all authentication tokens updated successfully.
$ grep usera /etc/passwd /etc/shadow
/etc/passwd:usera:x:1002:1002::/home/usera:/bin/sh
/etc/shadow:usera:$6$ktTWKRRl$DnXoUb73rKZmc1CsRZqnY4VEQxco6r4uwW8SCABKKMVAajaC8VBMDkd0723/4IJ7geEULHpJ3vVnpx8QEW0s2/:18620:0:3:7:::
# 更改密码不输出任何提示信息
$ echo redhat | passwd --stdin usera &> /dev/null
# 强制用户下次登录修改密码
$ passwd -e usera
Expiring password for user usera.
passwd: Success
$ chage -l usera
Last password change : password must be changed
Password expires : password must be changed
Password inactive : password must be changed
# 设置用户密码策略
$ passwd -x 30 -n 3 -w 7 -i 5 usera
Adjusting aging data for user usera.
passwd: Success
$ chage -l usera
Last password change : Dec 24, 2020
Password expires : Jan 23, 2021
Password inactive : Jan 28, 2021
Account expires : never
Minimum number of days between password change : 3
Maximum number of days between password change : 30
Number of days of warning before password expires : 7
# 查看用户密码状态
$ passwd -S usera
usera PS 2021-02-05 0 99999 7 -1 (Password set, SHA512 crypt.)
$ passwd -S userb
userb LK 2021-02-09 0 99999 7 -1 (Password locked.)