chage

user managementlinux
The chage command is one of the most frequently used commands in Linux/Unix-like operating systems. chage Change user password expiry information

Quick Reference

Command Name:

chage

Category:

user management

Platform:

linux

Basic Usage:

chage [options] [arguments]

Common Use Cases

    Syntax

    chage [options] LOGIN

    Options

    Option Description
    -d, --lastday LAST_DAY Set date of last password change to LAST_DAY
    -E, --expiredate EXPIRE_DATE Set account expiration date to EXPIRE_DATE
    -h, --help Display help message and exit
    -I, --inactive INACTIVE Set password inactive after expiration to INACTIVE
    -l, --list Show account aging information
    -m, --mindays MIN_DAYS Set minimum number of days before password change to MIN_DAYS
    -M, --maxdays MAX_DAYS Set maximum number of days before password change to MAX_DAYS
    -R, --root CHROOT_DIR Apply changes in CHROOT_DIR directory
    -W, --warndays WARN_DAYS Set expiration warning days to WARN_DAYS

    Examples

    How to Use These Examples

    The examples below show common ways to use the chage command. Try them in your terminal to see the results. You can copy any example by clicking on the code block.

    #

    Basic Examples:

    # Display account aging information for a user
    chage -l username
    # Set the minimum password lifetime (in days) for a user chage -m 7 username
    # Set the maximum password lifetime (in days) for a user chage -M 90 username
    # Set the password expiration date to a specific date chage -E 2023-12-31 username

    Advanced Examples:

    # Force password change on next login
    chage -d 0 username
    # Set account expiration date (account will be disabled after this date) chage -E "2024-06-30" username
    # Set password expiry warning period to 14 days before expiration chage -W 14 username # Set password inactive period (days after password expires until account is disabled) chage -I 7 username # Disable password expiration chage -M -1 username # Disable account expiration chage -E -1 username # Interactive mode to set all aging parameters chage username

    Try It Yourself

    Practice makes perfect! The best way to learn is by trying these examples on your own system with real files.

    Understanding Syntax

    Pay attention to the syntax coloring: commands, options, and file paths are highlighted differently.

    Notes

    Key Features:

    The chage command provides several capabilities for managing user password policies:

    • View and modify password expiration dates
    • Configure account expiration dates
    • Set minimum and maximum password lifetimes
    • Configure password expiry warning periods
    • Define grace periods after password expiration
    • Force password changes at next login

    Important Parameters:

    • Last password change date: Base date for calculating password aging
    • Password validity: How long a password can be used before requiring change
    • Account expiration: When the entire account becomes invalid
    • Password inactivity: Grace period after expiration before account lockout
    • Warning period: How many days before expiration to warn the user

    Date Formats:

    The chage command accepts dates in several formats:

    • YYYY-MM-DD: Standard date format (e.g., 2023-12-31)
    • MM/DD/YYYY: Alternative format (e.g., 12/31/2023)
    • Number of days: Days since January 1, 1970
    • Special values: -1 (never expires), 0 (immediate expiration/change)

    Special Values:

    • -1: When used with -M or -E, indicates 'never expires'
    • 0: When used with -d, forces password change at next login
    • 0: When used with -E, expires account immediately
    • 0: When used with -I, disables account immediately after password expiration

    System Files:

    • /etc/shadow: The file where password aging information is stored
    • /etc/login.defs: Default settings for password aging parameters

    Security Considerations:

    • Root privileges are required to modify password aging for other users
    • Users can only view (not modify) their own aging information
    • Password policies should balance security with usability
    • Too-frequent password changes can lead to weaker passwords or written-down passwords
    • Setting appropriate warning days helps users prepare for password changes

    Related Commands:

    • passwd: Change passwords and some aging parameters
    • usermod: Modify user account settings including expiration
    • useradd: Create new users with initial aging parameters
    • shadow: Manual editing of the shadow password file (not recommended)

    Related Commands

    These commands are frequently used alongside chage or serve similar purposes:

    Use Cases

    Learn By Doing

    The best way to learn Linux commands is by practicing. Try out these examples in your terminal to build muscle memory and understand how the chage command works in different scenarios.

    $ chage
    View All Commands