Solved

Unix Password Age

Posted on 2010-09-20
7
1,700 Views
Last Modified: 2013-12-04
Ok this is probably a very easy question, but I have looked all over EE and google, but I cant seem to find the answer.

I am trying to calculate the password age of a Unix user.  I can get the age value if i use the /etc/shadow file and I have the following results:

johndoe:PaSsWoRdxye7d:13062:30:100:10:inactive:expire:
^ ^ ^ ^ ^ ^ ^ ^ ^
| | | | | | | | |
username:password:lastchg:min:max:warn:inactive:expire:flag

But how do i take the "13062" and calculate it to determine the actual password date/age.

I read some where that its the "13062" value is the amount of days since Jan 1 1970.
Is this correct?
0
Comment
Question by:nakoz69
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 8

Expert Comment

by:jimmyray7
ID: 33721127
That's correct.  UNIX uses epoch time, which started Jan 1 1970.
0
 
LVL 8

Expert Comment

by:jimmyray7
ID: 33721159
This thread may be helpful in regards to scripting with the password age: http://www.unix.com/shell-programming-scripting/33854-check-password-age.html
0
 
LVL 1

Author Comment

by:nakoz69
ID: 33721175
So how do i calc the "13062" from 1/1/1970?
0
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

 
LVL 8

Expert Comment

by:jimmyray7
ID: 33721331
On a *nix OS, date +%s will give you the number of seconds since epoch.  Divide by 60 to get minutes, again by 60 to get hours, then by 24 to get days.  Then you can compare that to what shows up in the password file to see how old the password is.
0
 
LVL 1

Author Comment

by:nakoz69
ID: 33721405
When i try:

# date %s
I get:

date: bad conversion

BTW I forgot to say that I am running the following version of SunOS:
5.8 Generic
0
 
LVL 8

Accepted Solution

by:
jimmyray7 earned 500 total points
ID: 33721455
Ah, Sun/Solaris date command doesn't support those flags.  I didn't know that.  Well, you can use perl or another scripting language of your choice, or do what this guy did: http://solarisjedi.blogspot.com/2006/06/solaris-date-command-and-epoch-time.html
0
 
LVL 1

Author Comment

by:nakoz69
ID: 33721620
Ok so i finally got it figured out.  Thanks Jimmy for all the help:

Process to convert the "lastchg" field from the "shadow" file to an actual day you need to use the following Steps:

# cat /etc/shadow
- you get the following result:

root:PaSsWoRd:14797::::::

- the "14797" is the "lastchg" value
- this is the epoch time value since the password was changed (unix uses EPOCH time which is time since 01/01/1970)
- this value is in days so we need to convert it to minutes to get a date time

Formula:
= "lastchg"*(hrs in a day)*(minutes in a day)
= 14797*24*3600
= 1278547200

We can now take this value and plug it into excel using the following formula
= (EPOCH_Value/sec in a day)+(days from 1900 to 1970)
= ((1278547200/86400)+25569)
= 40366
*Note: That excel actually starts from 1/1/1900 so you have to account for the 70 year difference in time
since EPOCH time starts at 1/1/1970
- which is why you add the 25569


You can now use the date/time format in excel and see the current date.

OR

You can take the easy way out.

Since the "Lastchg" result is actually in days there is no need to convert from days to seconds back to days
- you can plug the following formula into excel and just use the date/time format to see the last change date

= ("lastchg"+(days from 1900 to 1970)
= 14797+25569
= 40366
When formatted in excel this turns out to be 7/7/10 12:00AM

Enjoy!
0

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question