• VMware

    Learn about VMware virtualization for its products like vsphere ESX and ESXi, vCenter Server, VMware View, VMware P2V and many more

  • Linux

    Step by step configuration tutorials for many of the Linux services like DNS, DHCP, FTP, Samba4 etc including many tips and tricks in Red Hat Linux.

  • Database

    Learn installation and configuration of databases like Oracle, My SQL, Postgresql, etc including many other related tutorials in Linux.

  • Life always offers you a second chance ... Its called tomorrow !!!

    Tuesday, August 19, 2014

    How to check the lock status of any user account in Linux

    There are few commands which I know can be used to see if any user account on your Linux machine is locked.

    Case 1: Password Locked

    In this case the password of any account is locked using the below command

    To lock the password
    # passwd -l user1
    Locking password for user user1.
    passwd: Success

    Review the status in /etc/shadow
    # grep user1 /etc/shadow user1:!!$6$ciJaoDR9$Qpt9sctRLjbZ4/Agxy9UOvu/XQqNrFo9rpgfZ/xrF/8JphkEvF29ITpef0SVLdJcrpv8Q/.6mRAHee4tZT0r11:16299:0:99999:7:::
    As you can see above two exclamation mark (!!) before the encrypted password which means that the password has been locked

    To unlock the password
    # passwd -u user1
    Unlocking password for user user1.
    passwd: Success

    Case 2: Account is Locked

    In this case the user account might have been locked by the administrator

    To lock an account
    # usermod -L user1
    Review your /etc/shadow file for the changes
    # grep user1 /etc/shadow

    As you see an extra single exclamation mark(!) appeared in the password section before the encrypted password starts which signifies that the user account is locked

    To unlock a user account
    # usermod -U user1

    Case 3: Password never set

    This can also be the scenario where the administrator has not assigned any password due to which the user is not able to login

    So to verify this again you need to check your /etc/shadow file
    # grep user1 /etc/shadow

    As you see two exclamation mark(!!) is there but no encrypted password which means a password is not set.

    If the password was set without lock your /etc/shadow would look like something below
    # grep user1 /etc/shadow

    Check the lock status of any Linux Account

    Now one single command to see the lock status of the user
    # passwd -S user1
    user1 LK 2014-08-17 0 99999 7 -1 (
    Password locked.)

    If the user account is unlocked you will output like below
    # passwd -S user1
    user1 PS 2014-08-17 0 99999 7 -1 (Password set, SHA512 crypt.)

    Related Articles
    How to keep a track of all the commands run by any user in Linux
    How to track all the successful and failed login attempts by users in Linux
    How to check last login time for users in Linux
    How to change user Password Expiry, Home Directory etc in Linux

    Follow the below links for more tutorials

    What is the difference/comparison between Unix and Linux ?
    What are the maximum and minimum limits for RHEL 4 vs 5 vs 6 ?
    Step by Step Linux Boot Process Explained In Detail
    What is the difference between ext3 and ext4 filesystem in Linux ?
    How to configure Private Network in VMware Workstation
    10 examples to help you understand top command usage in Unix/Linux
    Configure Red Hat Cluster using VMware, Quorum Disk, GFS2, Openfiler
    Tutorial for Monitoring Tools SAR and KSAR with examples in Linux
    15 tips to enhance security of your Linux machine
    Why is Linux more secure than windows and any other OS
    Understanding Load Average in Linux and when to be worried about it?
    Disk Attachment Technology FC vs SAS vs iSCSI
    Understanding UMASK value in Linux
    How to keep a track of all the commands run by any user in Linux
    How do you check Linux machine is Physical or Virtual remotely?


    1. hi Deepak,

      I am not seeing encrypted pwd in my /etc/passwd file...why ?
      can u pls explain me why ??


      1. Hi Pankaj,

        /etc/passwd doesnot contains the encrypted password, it will only contain "x" if a password is assigned

        encrypted form of password is visible in /etc/shadow

    2. what is kernel patching
      how to update kernel
      please send me answers in brief