Mike's PBX Cookbook

Linux Password Expiration

On a new Linux installation, such as for a UCM or MAS, the root password is set to expire after 90 days. It must be set to never expire (never age), or you're inviting future problems! When you load or access a new system, always perform the following steps.

Note: Linux passwords are different to UCM passwords - UCM passwords are handled in Element Manager > Policies.

For this procedure, you must log on directly as root.

Note: 'root' can ONLY log on directly from either the COM1 console, or a keyboard and video monitor.

1 Confirm that the root password is set to expire:

[root@pbx ~]# chage --list root
Last password change                                    : Apr 11, 2011
Password expires                                        : Jul 10, 2011
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 1
Maximum number of days between password change          : 90
Number of days of warning before password expires       : 7

2 To turn off the password expiration for a user account, set the following:

-m 0 will set the minimum number of days between password change to 0
-M 99999 will set the maximum number of days between password change to 99999
-I -1 (number minus one) will set the "Password inactive" to never
-E -1 (number minus one) will set "Account expires" to never.

So, we'll issue the following command:
[root@pbx ~]# chage -m 0 -M 99999 -I -1 -E -1 root

3 Next confirm that the command has taken:

[root@pbx ~]# chage --list root
Last password change                                    : Apr 11, 2011
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7

Alternate Method

Login as root, and issue the command: passwd "Username" -x -1

Example:

# passwd root -x -1 
# passwd nortel -x -1

Issue the command chage --list root (as above) to confirm the password will never expire.

Home » Meridian » Install » Chage