If a system administrator wants a user to set a password the first time the user log in, the user's initial or null password can be set to expire immediately, forcing the user to change it immediately after logging in for the first time.
To force a user to configure a password the first time the user logs in at the console, follow these steps. Note, this process does not work if the user logs in using the SSH protocol.
Lock the user's password - If the user does not exist, use the useradd command to create the user account, but do not give it a password so that it remains locked. If the password is already enabled, lock it with the command:usermod -L usernameForce immediate password expiration - Type the following command: chage -d 0 usernameThis command sets the value for the date the password was last changed to the epoch (January 1, 1970). This value forces immediate password expiration no matter what password aging policy, if any, is in place.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment