sameer fakhoury
  • Home
  • CTF Writeups
  • Course Summaries
  • Cyber Reports
  • Articles
  • Event Notes
  • About Me
Password in Linux Summary

Password in Linux Summary

  • Change Password of System Users → passwd {options} {user_name}
  • Display Password Status Information → -S option
  • semo PS 2024-01-13 0 99999 7 -1
    1. Username: semo
    2. Password status: PS (This means the password is set.)
      1. PS = password set - LK = password locked , NP = no password
    3. Last password change: 2024-01-13
    4. Minimum password age: 0 (This means there is no minimum password age.)
    5. Maximum password age: 99999 (This implies that the password will not expire based on time.)
    6. Warning period: 7 (This might indicate that the user receives a warning message seven days before the password expires.)
    7. Inactivity period: -1 (This could mean there is no inactivity period.)
  • Removing Password of a User using -d option passwd -d semo
  • Set Password Expiry Immediately → -e → the next login for the user will change the password
  • Lock the password of System User → -l → add ! at the starting of the user password - user can’t change password when it’s locked
  • Unlock User’s Password using -u option
  • Setting inactive days using -i option → password of user expired and user didn’t change its password in ‘n‘ number of days ( many cases 10 days ) then user not able to login.
    • -1 is a default
  • Set Minimum Days to Change Password using -n option
    • A value of zero shows that user can change it’s password in any time
  • Set Maximum Days Password remains valid using -x option
  • Set Warning days before password expire using -w option → user will be warned for n number of days that his/her password is going to expire.
  • Show password dates
    • chage –-list username , chage -l username
    • chage --list semo
      1. account expired date ( to expire the password on this date ) → chage -E 1999-02-15 newu1
  • sudo
    • can be used to invoke root privileges by normal users
    • change the password for root → sudo passwd root
    • helpful when a user is member of admin group (holds a position in sudoers list (/etc/sudoers) and can use commands with sudo) and the root password is not set, which is case with many common distributions of Linux.
      • super users group → kali → sudo , red hat → sudoers
  • Configuring sudo Access
    1. Create a new user: useradd USERNAME
    2. Set a password for the new user: passwd USERNAME
    3. Open the sudoers file for editing: visudo
    4. Find the line that grants sudo access to users in the "wheel" group: ## Allows people in group wheel to run all commands # %wheel ALL=(ALL) ALL
    5. Remove the comment character (#) from the second line to enable the configuration: %wheel ALL=(ALL) ALL
    6. Save your changes and exit the editor.
    7. Add the created user to the "wheel" group using the usermod command: usermod -aG wheel USERNAME
    8. Switch to the new user account: su USERNAME
    9. Verify that the user is in the "wheel" group: groups (Output: USERNAME wheel)
    10. Use the sudo command to run the whoami command: sudo whoami (Output: root or the username with elevated privileges)

©sameer fakhoury

GitHubLinkedIn
Last password change                                    : Jan 13, 2024
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7