• VMware

    Learn about VMware virtualization for its products like vsphere ESX and ESXi, vCenter Server, VMware View, VMware P2V and many more

  • Linux

    Step by step configuration tutorials for many of the Linux services like DNS, DHCP, FTP, Samba4 etc including many tips and tricks in Red Hat Linux.

  • Database

    Learn installation and configuration of databases like Oracle, My SQL, Postgresql, etc including many other related tutorials in Linux.

    • Home / How To / Red Hat 5 and 6 / How to check the lock status of any user account in Linux

    How to check the lock status of any user account in Linux

    ,
    There are few commands which I know can be used to see if any user account on your Linux machine is locked.

    Case 1: Password Locked

    In this case the password of any account is locked using the below command

    To lock the password
    # passwd -l user1
    Locking password for user user1.
    passwd: Success
    Review the status in /etc/shadow
    # grep user1 /etc/shadow user1:!!$6$ciJaoDR9$Qpt9sctRLjbZ4/Agxy9UOvu/XQqNrFo9rpgfZ/xrF/8JphkEvF29ITpef0SVLdJcrpv8Q/.6mRAHee4tZT0r11:16299:0:99999:7:::
    As you can see above two exclamation mark (!!) before the encrypted password which means that the password has been locked

    To unlock the password
    # passwd -u user1
    Unlocking password for user user1.
    passwd: Success

    Case 2: Account is Locked

    In this case the user account might have been locked by the administrator

    To lock an account
    # usermod -L user1
    Review your /etc/shadow file for the changes
    # grep user1 /etc/shadow
    user1:!$6$ciJaoDR9$Qpt9sctRLjbZ4/Agxy9UOvu/XQqNrFo9rpgfZ/xrF/8JphkEvF29ITpef0SVLdJcrpv8Q/.6mRAHee4tZT0r11:16299:0:99999:7:::

    As you see an extra single exclamation mark(!) appeared in the password section before the encrypted password starts which signifies that the user account is locked

    To unlock a user account
    # usermod -U user1

    Case 3: Password never set

    This can also be the scenario where the administrator has not assigned any password due to which the user is not able to login





    So to verify this again you need to check your /etc/shadow file
    # grep user1 /etc/shadow
    user1:    !!:16299:0:99999:7:::
    As you see two exclamation mark(!!) is there but no encrypted password which means a password is not set.

    If the password was set without lock your /etc/shadow would look like something below
    # grep user1 /etc/shadow
    user1:$6$ciJaoDR9$Qpt9sctRLjbZ4/Agxy9UOvu/XQqNrFo9rpgfZ/xrF/8JphkEvF29ITpef0SVLdJcrpv8Q/.6mRAHee4tZT0r11:16299:0:99999:7:::

    Check the lock status of any Linux Account

    Now one single command to see the lock status of the user
    # passwd -S user1
    user1 LK 2014-08-17 0 99999 7 -1 (    Password locked.)
    If the user account is unlocked you will output like below
    # passwd -S user1
    user1 PS 2014-08-17 0 99999 7 -1 (Password set, SHA512 crypt.)


    Related Articles
    How to keep a track of all the commands run by any user in Linux
    How to track all the successful and failed login attempts by users in Linux
    How to check last login time for users in Linux
    How to change user Password Expiry, Home Directory etc in Linux


    Follow the below links for more tutorials

    What is the difference/comparison between Unix and Linux ?
    What are the maximum and minimum limits for RHEL 4 vs 5 vs 6 ?
    Step by Step Linux Boot Process Explained In Detail
    What is the difference between ext3 and ext4 filesystem in Linux ?
    How to configure Private Network in VMware Workstation
    10 examples to help you understand top command usage in Unix/Linux
    Configure Red Hat Cluster using VMware, Quorum Disk, GFS2, Openfiler
    Tutorial for Monitoring Tools SAR and KSAR with examples in Linux
    15 tips to enhance security of your Linux machine
    Why is Linux more secure than windows and any other OS
    Understanding Load Average in Linux and when to be worried about it?
    Disk Attachment Technology FC vs SAS vs iSCSI
    Understanding UMASK value in Linux
    How to keep a track of all the commands run by any user in Linux
    How do you check Linux machine is Physical or Virtual remotely?

    Deepak Prasad

    Deepak Prasad is a techie and an author who is still trying to survive in this IT generation with very little knowledge he has on Linux/Unix, VMware, SAN Storage, Automation, networking etc

    You can follow him on Facebook or Google+

    Do you also have something to share here?

    Become an author and be a part of our GoLinuxHub Team, Click here for more information
    How to check the lock status of any user account in Linux How to check the lock status of any user account in Linux Reviewed by Deepak Prasad on Tuesday, August 19, 2014 Rating: 5

    3 comments:

    1. hi Deepak,

      I am not seeing encrypted pwd in my /etc/passwd file...why ?
      can u pls explain me why ??


      thanks

      ReplyDelete
      Replies

      1. Hi Pankaj,

        /etc/passwd doesnot contains the encrypted password, it will only contain "x" if a password is assigned

        encrypted form of password is visible in /etc/shadow

        Delete

    2. what is kernel patching
      how to update kernel
      please send me answers in brief

      ReplyDelete

    Subscribe to: Post Comments ( Atom )
    Powered by Blogger.