Password-free login
Note: The examples here are ordinary users, the same as root users
1) User generated key (normally, it is not needed, this is to ensure success, because in the past did not generate and finally failed)
1) Execute command to generate [dev @ vpn ~] $ ssh-keygen 2) Generate a .ssh directory under the home directory, and generate public and private keys under the directory [dev @ vpn ~] $ ll .ssh / total 8 -rw- ------ 1 dev dev 1679 Mar 8 14:44 id_rsa -rw-r--r-- 1 dev dev 389 Mar 8 14:44 id_rsa.pub
2) useradd a user.
Upload the public key file id_rsa_2048.pub generated by xshell in the first step to the user's .ssh directory, and rename it to authorized_keys, and give 600 permissions. Note the owner of the file
[dev@vpn .ssh]$ mv id_rsa_2048.pub authorized_keys [dev@vpn .ssh]$ chmod 600 authorized_keys [dev@vpn ~]$ ll .ssh/ total 12 -rw------- 1 dev dev 380 Mar 8 14:46 authorized_keys -rw------- 1 dev dev 1679 Mar 8 14:44 id_rsa -rw-r--r-- 1 dev dev 389 Mar 8 14:44 id_rsa.pub
Password expired
When the password expires, you will not be able to log in
[root @ CentOS-A ~] # chage -l root Last password change: Oct 23, 2013 # [Last password change time] Password expires: Jan 23, 2014 # [Password expiration time] Password inactive: never # [Password failure time] account expires: never # account expires] [ minimum number of days between password change: 0 # [twice the minimum number of days between the distance change password] Maximum number of days between password change: 92 # [password change password twice The maximum number of days apart] Number of days of warning before password expires: 7 # [Number of days before warning expires]
chage
Usage: chage [options] LOGIN
Options:
-d, --lastday LAST_DAY set date of last password change to LAST_DAY
-E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
-h, --help display this help message and exit
-I, --inactive INACTIVE set password inactive after expiration
to INACTIVE
-l, --list show account aging information
-m, --mindays MIN_DAYS set minimum number of days before password
change to MIN_DAYS
-M, --maxdays MAX_DAYS set maximim number of days before password
change to MAX_DAYS
-R, --root CHROOT_DIR directory to chroot into
-W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
The maximum expiration time of the password expiration time for the account is set to 3600 days, you can log in here
chage -M 3600 user