Play Redhat Linux 8.0 series | Manage user passwords

Enterprise 2023-06-21 08:43:59 views: null

Source of material: Redhat Linux 8.0 training materials "RH124", "RH134" and "RH294"

I have played Linux for 5-6 years, now I will review the RHCE training materials again, complete the experiment according to the guidance and share it with you.

Attach a summary post: Play Redhat Linux 8.0 series | collection

1 From the workstation, open an SSH session to servera as the student user.

[student@workstation ~]$ ssh student@servera
student@servera's password: 
Activate the web console with: systemctl enable --now cockpit.socket

This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register

Last login: Sat May 20 20:53:37 2023 from 172.16.190.227
[student@servera ~]$

2 On servera, explore the locking and unlocking of user accounts as a student.

2.1 As a student, lock the operator1 account with administrative privileges.

[student@servera ~]$ sudo usermod -L operator1
[sudo] password for student: 
[student@servera ~]$

2.2 Try to log in as operator1. This should fail.

[student@servera ~]$ su - operator1
Password: 
su: Authentication failure
[student@servera ~]$

2.3 Unlock the operator1 account.

[student@servera ~]$ sudo usermod -U operator1
[student@servera ~]$

2.4 Try to log in as operator1 again. This should do the trick.

[student@servera ~]$ su - operator1
Password: 
[operator1@servera ~]$

2.5 Exit from the operator1 user's shell to return to the student user's shell.

[operator1@servera ~]$ exit
logout
[student@servera ~]$

3 Change the password policy for operator1 to require a new password every 90 days. Confirm that the password age has been set successfully.

3.1 Set the maximum age of the operator1 user's password to 90 days.

[student@servera ~]$ sudo chage -M 90 operator1
[student@servera ~]$

3.2 Verify that the password for the operator1 user expires 90 days after the change.

[student@servera ~]$ sudo chage -l operator1
Last password change                                    : May 20, 2023
Password expires                                        : Aug 18, 2023
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 90
Number of days of warning before password expires       : 7
[student@servera ~]$

4 Force the operator1 account to change its password on first login.

[student@servera ~]$ sudo chage -d 0 operator1
[student@servera ~]$

5 Log in as operator1 and change the password to forsooth123. After setting the password, return to the shell of the student user.

5.1 Log in as operator1 and change the password to forsooth123 when prompted.

[student@servera ~]$ su - operator1
Password: 
You are required to change your password immediately (administrator enforced)
Current password: 
New password: 
Retype new password: 
[operator1@servera ~]$

5.2 Exit from the operator1 user's shell to return to the student user's shell.

[operator1@servera ~]$ exit
logout
[student@servera ~]$

6 Set the operator1 account to expire 180 days from today. Tip: date -d "+180 days" gives you a date and time 180 days from the current date and time.

6.1 Determine the date 180 days in the future. Use the %F format for the date command to get the exact value.

[student@servera ~]$ date -d "+180 days" +%F
2023-11-16
[student@servera ~]$

Depending on the current date and time in your system, you may get different values ​​for use in the following steps.

6.2 Set the account to expire on the date shown in the previous step.

[student@servera ~]$ sudo chage -E 2023-11-16 operator1
[student@servera ~]$

6.3 Verify that the account expiration date was successfully set.

[student@servera ~]$ sudo chage -l operator1
Last password change                                    : May 20, 2023
Password expires                                        : Aug 18, 2023
Password inactive                                       : never
Account expires                                         : Nov 16, 2023
Minimum number of days between password change          : 0
Maximum number of days between password change          : 90
Number of days of warning before password expires       : 7
[student@servera ~]$

7 Set all users' passwords to expire 180 days from the current date. Edit the configuration file with administrative privileges.

7.1 In /etc/login.defs, set PASS_MAX_DAYS to 180. Administrative privileges should be used when opening the file with a text editor. You can use the sudo vim /etc/login.defs command to perform this step.

#       PASS_WARN_AGE   Number of days warning given before a password expires.
#
PASS_MAX_DAYS   180
PASS_MIN_DAYS   0

7.2 Log out from servera.

[student@servera ~]$ exit
logout
Connection to servera closed.
[student@workstation ~]$

Guess you like

Origin blog.csdn.net/guolianggsta/article/details/131305538
Recommended
Ranking
ASP.NET Core storage session to get any value
Linux has disk space but shows insufficient inode usage in Linux
Oral English 433 Twenty English Words Every Day
The use of common transforms in Pytorch
It's Graduation Season II again
Introduction to OracleDB 6: Use DB LINK to clone non-CDB into CDB architecture
How the report generator FastReport .Net uses code to create reports
My Live Writer Plugin - insert monkey face
DCM's diagnostic services dispatcher (DSD) a Detailed
Java NullPointerException when using scanner.hasNext();
Daily
More
2024-05-23(35)
2024-05-22(9)
2024-05-21(35)
2024-05-20(5)
2024-05-19(0)
2024-05-18(31)
2024-05-17(6)
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)

Code World

© 2018 codetd.com