• VMware

    Learn about VMware virtualization for its products like vsphere ESX and ESXi, vCenter Server, VMware View, VMware P2V and many more

  • Linux

    Step by step configuration tutorials for many of the Linux services like DNS, DHCP, FTP, Samba4 etc including many tips and tricks in Red Hat Linux.

  • Database

    Learn installation and configuration of databases like Oracle, My SQL, Postgresql, etc including many other related tutorials in Linux.

    • Home / How To / Red Hat 5 and 6 / How to check the lock status of any user account in Linux

    How to check the lock status of any user account in Linux

    ,
    In my last article I had showed you the steps to keep track of commands executed by individual users and to check the login time of respective users in your Linux box.

    Here I will show you few commands which I know can be used to see if any user account on your Linux machine is locked.

    Case 1: Password Locked

    In this case the password of any account is locked using the below command

    To lock the password
    # passwd -l user1
    Locking password for user user1.
    passwd: Success
    Review the status in /etc/shadow
    # grep user1 /etc/shadow user1:!!$6$ciJaoDR9$Qpt9sctRLjbZ4/Agxy9UOvu/XQqNrFo9rpgfZ/xrF/8JphkEvF29ITpef0SVLdJcrpv8Q/.6mRAHee4tZT0r11:16299:0:99999:7:::
    As you can see above two exclamation mark (!!) before the encrypted password which means that the password has been locked

    To unlock the password
    # passwd -u user1
    Unlocking password for user user1.
    passwd: Success

    Case 2: Account is Locked

    In this case the user account might have been locked by the administrator

    To lock an account
    # usermod -L user1
    Review your /etc/shadow file for the changes
    # grep user1 /etc/shadow
    user1:!$6$ciJaoDR9$Qpt9sctRLjbZ4/Agxy9UOvu/XQqNrFo9rpgfZ/xrF/8JphkEvF29ITpef0SVLdJcrpv8Q/.6mRAHee4tZT0r11:16299:0:99999:7:::

    As you see an extra single exclamation mark(!) appeared in the password section before the encrypted password starts which signifies that the user account is locked

    To unlock a user account
    # usermod -U user1

    Case 3: Password never set

    This can also be the scenario where the administrator has not assigned any password due to which the user is not able to login





    So to verify this again you need to check your /etc/shadow file
    # grep user1 /etc/shadow
    user1:    !!:16299:0:99999:7:::
    As you see two exclamation mark(!!) is there but no encrypted password which means a password is not set.

    If the password was set without lock your /etc/shadow would look like something below
    # grep user1 /etc/shadow
    user1:$6$ciJaoDR9$Qpt9sctRLjbZ4/Agxy9UOvu/XQqNrFo9rpgfZ/xrF/8JphkEvF29ITpef0SVLdJcrpv8Q/.6mRAHee4tZT0r11:16299:0:99999:7:::



    Check the lock status of any Linux Account

    Now one single command to see the lock status of the user
    # passwd -S user1
    user1 LK 2014-08-17 0 99999 7 -1 (    Password locked.)
    If the user account is unlocked you will output like below
    # passwd -S user1
    user1 PS 2014-08-17 0 99999 7 -1 (Password set, SHA512 crypt.)

    Related Articles
    How to track all the successful and failed login attempts by users in Linux
    How to change user Password Expiry, Home Directory etc in Linux

    Deepak Prasad

    Deepak Prasad is a techie and an author who is still trying to survive in this IT generation with very little knowledge he has on Linux/Unix, VMware, SAN Storage, Automation, networking etc

    You can follow him on Facebook or Google+

    Do you also have something to share here?

    Become an author and be a part of our GoLinuxHub Team, Click here for more information
    How to check the lock status of any user account in Linux How to check the lock status of any user account in Linux Reviewed by Deepak Prasad on Tuesday, August 19, 2014 Rating: 5

    3 comments:

    1. hi Deepak,

      I am not seeing encrypted pwd in my /etc/passwd file...why ?
      can u pls explain me why ??


      thanks

      ReplyDelete
      Replies

      1. Hi Pankaj,

        /etc/passwd doesnot contains the encrypted password, it will only contain "x" if a password is assigned

        encrypted form of password is visible in /etc/shadow

        Delete

    2. what is kernel patching
      how to update kernel
      please send me answers in brief

      ReplyDelete

    Subscribe to: Post Comments ( Atom )
    Powered by Blogger.