The chage command Examples and Usages

The chage command updates password aging information. Password aging is a set of options administrators use to secure user passwords. The /etc/shadow file saves user passwords and password aging information on a standalone Linux system.

The chage command syntax

The chage command uses the following syntax.

#chage [options] username

The chage command options

The following table lists the chage command options and their meaning.

Short optionLong optionUpdate setting
-d--lastdayLast password change date
-m--mindaysMinimum number of days between password change
-M--maxdaysMaximum number of days between password change
-W--warndaysNumber of days of warning before password expiry
-I--inactivePassword inactive date
-E--expiredateAccount expiry date

password aging chart

The chage command examples

The following are common usages of the chage command.

Listing aging information

The -l option lists the password aging information. The following command lists the password aging values of rheluser.

#chage -l rheluser

listing password aging

Using interactive prompt to manage password aging information

If we run the chage command without any option, it starts in the interactive mode. In interactive mode, it lists the value of each aging option and allows us to update or keep it. The following image shows an example of the interactive mode.

the -i option

Changing the last password change date

The -d (--lastday) option sets the last password change date in the number of days. It accepts the argument in the date format (YYYY-MM-DD). It converts the given date into the number of days. The following command sets the last password change date to 10 August 2024.

#chage –d 2024-08-10 rheluser

the -d option

Forcing the user to change his password at the next login

If we provide 0 (zero) as the argument with the -d option, it forces the user to change his password on the next log-on. The following command forces the user to change his password on the next log-on.

#chage –d 0 rheluser

the -d option

Changing account lockout days

The -I option sets the number of days after the system locks the user account if the user does not change his expired password. The following command changes the password inactive days to 5 days.

#chage –I 5 rheluser

the -i option

The value -1 with this option resets the password inactive days back to the default value.

default inative date

Displaying a warning message before the password expires

The -W option sets the number of days earlier the user will get the warning message to change his password before the password expires. For example, The following command sets the warning message days to 5 days before the password expires.

#chage –W 5 rheluser

warning date

The chage command help options

If you need help with the chage command, use the -h or --help option. When used with this option, it lists a summary of all options and their usage.

help option

If you need a detailed overview of this command and all options, use its manual pages. The following command displays the manual of this command.

manual page

The chage command exit codes

The following table lists the exit code of the chage command.

0success
1permission denied
2invalid command syntax
15the /etc/shadow password file is not present

The chage command configuration files

The chage command depends on the following configuration files.

The /etc/login.defs file

This file defines the default configuration values for various login parameters. These parameters include the options that the chage command updates. The chage command uses this file to select the default values of related parameters.

The /etc/default/useradd

The chage command updates the values the useradd command sets. The useradd command picks default values from this file.

The /etc/shadow file

This file saves all the values the chage command updates.

This tutorial is part of the tutorial series 'Linux User and Group Management Explained with Examples'. Other parts of this series are the following.

Chapter 01  Difference between the root user and super (sudo) user
Chapter 02  Linux User Management Explained with Examples
Chapter 03  Linux Group Management Explained with Examples
Chapter 04  Password aging policy Explained with chage command
Chapter 05  The /etc/group File Explained
Chapter 06  The /etc/gshadow File Explained
Chapter 07  The /etc/passwd file in Linux Explained with Examples
Chapter 08  The /etc/shadow file in Linux Explained with Examples
Chapter 09  The useradd command Explained
Chapter 10  The gpasswd command Explained
Chapter 11  The chage command Examples and Usages

Conclusion

By understanding the chage command, you can effectively manage password aging information and enhance the security of user passwords on Linux systems. Mastering the chage command is essential for maintaining a secure and well-managed Linux environment. This tutorial presented a detailed overview of the chage command and its options. It also explained common usages of this command through examples.

ComputerNetworkingNotes Linux Tutorials The chage command Examples and Usages

We do not accept any kind of Guest Post. Except Guest post submission, for any other query (such as adverting opportunity, product advertisement, feedback, suggestion, error reporting and technical issue) or simply just say to hello mail us ComputerNetworkingNotes@gmail.com