In my last article I had showed you the steps to keep track of commands executed by individual users and to check the login time of respective users in your Linux box.
Here I will show you few commands which I know can be used to see if any user account on your Linux machine is locked.
To lock the password
Review the status in /etc/shadow
Follow below article to get the steps to lock and unlock a user for multiple failed login attempts
How to lock or unlock a root and normal user account using pam_tally2 and pam_faillock after certain number of failed login attempts in Linux
How to lock or unlock a root and normal user account using pam_tally2 and pam_faillock after certain number of failed login attempts in Linux
Here I will show you few commands which I know can be used to see if any user account on your Linux machine is locked.
Case 1: Password Locked
In this case the password of any account is locked using the below commandTo lock the password
# passwd -l user1
Locking password for user user1.
passwd: Success
Review the status in /etc/shadow
As you can see above two exclamation mark (!!) before the encrypted password which means that the password has been locked
To unlock the password
To lock an account
Review your /etc/shadow file for the changes
As you see an extra single exclamation mark(!) appeared in the password section before the encrypted password starts which signifies that the user account is locked
To unlock the password
# passwd -u user1
Unlocking password for user user1.
passwd: Success
Case 2: Account is Locked
In this case the user account might have been locked by the administratorTo lock an account
# usermod -L user1
Review your /etc/shadow file for the changes
As you see an extra single exclamation mark(!) appeared in the password section before the encrypted password starts which signifies that the user account is locked
To unlock a user account
So to verify this again you need to check your /etc/shadow file
As you see two exclamation mark(!!) is there but no encrypted password which means a password is not set.
If the password was set without lock your /etc/shadow would look like something below
# usermod -U user1
Case 3: Password never set
This can also be the scenario where the administrator has not assigned any password due to which the user is not able to loginSo to verify this again you need to check your /etc/shadow file
# grep user1 /etc/shadow
user1:!!:16299:0:99999:7:::
As you see two exclamation mark(!!) is there but no encrypted password which means a password is not set.
If the password was set without lock your /etc/shadow would look like something below
Check the lock status of any Linux Account
Now one single command to see the lock status of the user# passwd -S user1
user1 LK 2014-08-17 0 99999 7 -1 (Password locked.)
If the user account is unlocked you will output like below
Related Articles
How to track all the successful and failed login attempts by users in Linux
How to change user Password Expiry, Home Directory etc in Linux
# passwd -S user1
user1 PS 2014-08-17 0 99999 7 -1 (Password set, SHA512 crypt.)
How to track all the successful and failed login attempts by users in Linux
How to change user Password Expiry, Home Directory etc in Linux
How to check the lock status of any user account in Linux
Reviewed by admin
on
Tuesday, August 19, 2014
Rating:
hi Deepak,
ReplyDeleteI am not seeing encrypted pwd in my /etc/passwd file...why ?
can u pls explain me why ??
thanks
Hi Pankaj,
Delete/etc/passwd doesnot contains the encrypted password, it will only contain "x" if a password is assigned
encrypted form of password is visible in /etc/shadow
what is kernel patching
ReplyDeletehow to update kernel
please send me answers in brief