Password in Linux Summary

Change Password of System Users → passwd {options} {user_name}
Display Password Status Information → -S option
semo PS 2024-01-13 0 99999 7 -1

Username: semo
Password status: PS (This means the password is set.)

PS = password set - LK = password locked , NP = no password

Last password change: 2024-01-13
Minimum password age: 0 (This means there is no minimum password age.)
Maximum password age: 99999 (This implies that the password will not expire based on time.)
Warning period: 7 (This might indicate that the user receives a warning message seven days before the password expires.)
Inactivity period: -1 (This could mean there is no inactivity period.)

Removing Password of a User using -d option passwd -d semo
Set Password Expiry Immediately → -e → the next login for the user will change the password
Lock the password of System User → -l → add ! at the starting of the user password - user can’t change password when it’s locked
Unlock User’s Password using -u option
Setting inactive days using -i option → password of user expired and user didn’t change its password in ‘n‘ number of days ( many cases 10 days ) then user not able to login.

-1 is a default

Set Minimum Days to Change Password using -n option

A value of zero shows that user can change it’s password in any time

Set Maximum Days Password remains valid using -x option
Set Warning days before password expire using -w option → user will be warned for n number of days that his/her password is going to expire.
Show password dates

chage –-list username , chage -l username
chage --list semo

Last password change                                    : Jan 13, 2024
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7

account expired date ( to expire the password on this date ) → chage -E 1999-02-15 newu1

sudo

can be used to invoke root privileges by normal users
change the password for root → sudo passwd root
helpful when a user is member of admin group (holds a position in sudoers list (/etc/sudoers) and can use commands with sudo) and the root password is not set, which is case with many common distributions of Linux.

super users group → kali → sudo , red hat → sudoers

Configuring sudo Access

Create a new user: useradd USERNAME
Set a password for the new user: passwd USERNAME
Open the sudoers file for editing: visudo
Find the line that grants sudo access to users in the "wheel" group: ## Allows people in group wheel to run all commands # %wheel ALL=(ALL) ALL
Remove the comment character (#) from the second line to enable the configuration: %wheel ALL=(ALL) ALL
Save your changes and exit the editor.
Add the created user to the "wheel" group using the usermod command: usermod -aG wheel USERNAME
Switch to the new user account: su USERNAME
Verify that the user is in the "wheel" group: groups (Output: USERNAME wheel)
Use the sudo command to run the whoami command: sudo whoami (Output: root or the username with elevated privileges)