Password aging policy for individual users can be set using the command choose two
Table 1. Command line utilities for managing users and groups
Adding a New User To add a new user to the system, type the following at a shell prompt as …where options are command-line options as described in
Common useradd command-line options. By default, the useradd command creates a locked user account. To unlock the account, run the following command as Optionally, you can set a password aging policy. See Enabling Password Aging for information on how to enable password aging. Table 2. Common useradd command-line options
The command-line options associated with the usermod command are essentially the same. Note that if you want to add a user to another supplementary group, you need to use the Explaining the Process The following steps illustrate what happens if the command useradd juan is issued on a system that has shadow passwords enabled:
At this point, a locked account called Adding a New Group To add a new group to the system, type the following at a shell prompt as groupadd options group_nameTable 3. Common groupadd command-line options
Enabling Password AgingFor security reasons, it is advisable to require users to change their passwords periodically. This can be done by using the chage command.
To configure password expiration for a user from a shell prompt, run the following command as …where options are command line options as described in chage command line options. When the chage command is followed directly by a username (that is, when no command line options are specified), it displays the specified users current password aging values and allows you to change these values interactively. Table 4. chage command line options
You can configure a password to expire the first time a user logs in. This forces users to change passwords immediately.
Upon the initial log in, the user is now prompted for a new password. Enabling Automatic LogoutsEspecially when the user is logged in as
The changes take effect the next time a user logs in to the system. Creating Group DirectoriesSystem administrators usually like to create a group for each major project and assign people to the group when they need to access that project’s files. With this traditional scheme, file management is difficult; when someone creates a file, it is associated with the primary group to which they belong. When a single person works on multiple projects, it becomes difficult to associate the right files with the right group. However, with the UPG scheme, groups are automatically assigned to files created within a directory with the setgid bit set. The setgid bit makes managing group projects that share a common directory very simple because any files a user creates within the directory are owned by the group that owns the directory. For example, a group of people need to work on files in the
Which command is used to for password aging policy?The chage command is self-described as the "change user password expiry information" utility. According to the chage man page: The chage command changes the number of days between password changes and the date of the last password change.
Which command enables you to change password aging for a user?Use the chage command to force users to change their passwords to comply with your password-aging policies. User accounts created on Red Hat Enterprise Linux (RHEL) servers are by default assigned 99,999 days until their password expires.
Which command is used to set up passwords for users?The passwd command changes passwords for user accounts. A normal user may only change the password for their own account, while the superuser may change the password for any account. passwd also changes the account or associated password validity period.
Which command is used to list the aging information for a user?The chage(Change age) command is used to view and modify a user's account and password information. It is used by system administrators to change aging information of a user e.g changing the password expiry date, days between password changes, date of last password change and account expiry date.
|