Solved

How to list security policy of Red Hat Linux, specifically need password expiration and grace period thereof

Posted on 2010-11-11
6
610 Views
Last Modified: 2012-05-10
Hello,
I am running Red Hat Enterprise Linux Server release 5.2 and it has a security policy that expires passwords after 90 days. I want to find out specifically what the grace period is (if any) and generally how to list all of the terms of the security policy.
Thank you,
Peter
0
Comment
Question by:pdegregorio
  • 3
  • 2
6 Comments
 
LVL 17

Accepted Solution

by:
sweetfa2 earned 250 total points
ID: 34116378
chage --list user
0
 

Author Comment

by:pdegregorio
ID: 34116705
Thanks for the quick reply. Here are my results

ast password change                                    : Nov 11, 2010
Password expires                                        : Feb 09, 2011
Password inactive                                       : Feb 09, 2011
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 90
Number of days of warning before password expires       : 5

I interpret this as meaning that if I don't change my password by Feb 09, 2011 I will be locked out and have to get help from the system administrator. At that point what does the administrator do? Is there a command to reactivate the user so they can log in and change their own password?
0
 
LVL 17

Expert Comment

by:sweetfa2
ID: 34116803
As far as I recall you will not be able to login after this date without changing your password.  

I don't believe that it makes your account inactive.

The account expires value would be the one that you would be concerned about in that case.

The super-user could re-activate your password simply by changing it with the passwd command.

0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 39

Assisted Solution

by:noci
noci earned 250 total points
ID: 34116824
you can change the password on behalf of the use by passwd.
Or the chage command can be used to (re)set the last password date to something so it is still valid for few days.
0
 

Assisted Solution

by:pdegregorio
pdegregorio earned 0 total points
ID: 34117051
Thanks experts ... OK so the system has a 90 day expiration so the following command

chage -d `date +"%Y-%m-%d" -d -89days` THE_USER

will set the user's last password change to 89 days ago and they can log in today and change their password with passwd. If they don't do it today they are locked out again. Perfect.

0
 

Author Closing Comment

by:pdegregorio
ID: 34143566
My comment (zero points) is accepted as part of the solution because it gives a specific and practical use example.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Join & Write a Comment

Suggested Solutions

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now