Never Expired for root password

Never expired for root password

Guy's

I want to change the setting to keep the root password to be nerved expired!

Please advice with the sitting!

May be this can help you

Linux turn OFF password expiration / aging

login as root and

---------- Post updated at 06:59 AM ---------- Previous update was at 06:58 AM ----------

chage won't be installed in Solaris, but that would work on another operating system, I suppose.

I guess chage works only in Linux.

Yup, but the command I listed will allow the same function. If you wanted to display the aging policy for all users you would use the following command. This will also display the last time the user changed their password, whether an account is locked (LK) or ready to login (PS). It's great for auditing purposes.

# passwd -as

Yup. The Command which you have written will work on different version.

One wonders why you would want the root account to never need changing. This is a security risk. You should have a regular procedure to change the root password and keep it secure. If someone managed to get your encrypted password file, then a brute force attack could eventually crack the root password and then they would have full control, including locking you out.

Robin
Liverpool/Blackburn
UK

The OP never said he was never going to change the root password. He just said he didn't want the root account to have an automatic expiration.

Because automatic expiration of the root account is dumb. The only account that can fix it is root. But root's locked out because the account is expired.

Have I got the wrong end of the query then? Are we talking about expiring the password, i.e. forcing it to be changed regularly or expiring the account if the password is not changed?

Fine distinction in the phrasing but a huge difference in meaning.

If I've got it wrong, then I agree, suspending the root account is generally a bad thing. I actually never log in as root though. I have appropriate privileges with sudo so it's all accountable etc. and the password is stored away for use off the console only.

Apologies if I'm got it all the gnorw yaw dnour.

Robin

Never lock

usermod -K lock_after_retries=no root

Never expire

passwd -x -1 root