passowrd lock
-S This will output a short information about the status of the password for a given account.
-l This option is used to lock the specified account and it is available to root only. The locking is per-
formed by rendering the encrypted password into an invalid string (by prefixing the encrypted string with
an !).
-u This is the reverse of the -l option - it will unlock the account password by removing the ! prefix. This
option is available to root only. By default passwd will refuse to create a passwordless account (it will
not unlock an account that has only "!" as a password).
Forces the user to change password at the next login
-f with -f the system wil force any login user to change his password
Forces the user to change password at the next login by expiring the password for name.
-e --expire Immediately expire an account's password.
This in effect can force a user to change his/her password at the user's next login.
# passwd # passwd user1
echo "password01" | passwd --stdin user01
# passwd -S user01 user01 PS 2016-02-04 0 99999 7 -1 (Password set, MD5 crypt.) # # cat /etc/shadow |grep user01 user01:$1$LCAYp/8w$AXct0Zcd7P.sRCoQ1f59.0:16835:0:99999:7::: # passwd -l user01 Locking password for user user01. passwd: Success # # passwd -S user01 user01 LK 2016-02-04 0 99999 7 -1 (Password locked.) # # cat /etc/shadow |grep user01 user01:!!$1$LCAYp/8w$AXct0Zcd7P.sRCoQ1f59.0:16835:0:99999:7::: <- !! # # passwd -u user01 Unlocking password for user user01. passwd: Success. # # passwd -S user01 user01 PS 2016-02-04 0 99999 7 -1 (Password set, MD5 crypt.) #