In this blog post, we will discuss three different ways to set the user account expiration date in Linux. The first way is to use the chage command, the second way is to use the usermod command and the third way is to use useradd command.
We will also discuss some of the benefits of using each method. Let’s get started!
Difference between password expiration and account expiration
Password expiration means that user needs to change the password on next login. The user still be able to login after resetting the password. In the case of account expiration, User account will be locked after certain days, Hence it is not able to login at all.
change user account expiration date with chage command in Linux
The easiest way to change the user account expiration date in Linux is using chage command. You need to be logged in as the root user and run the following command to change the account expiration date for a user: chage -E YYYY-MM-DD USERNAME
Replace “YYYY-MM-DD” with the actual date you want the user’s account to expire on. Replace “USERNAME” with the actual username of the user you want to set the expiration date for. Once you have run this command, the user’s account will expire on the date you specified.
sudo chage -E 2021-02-28 charlie
donnie@ubuntu-steemnode:~$ sudo chage -l charlie
Last password change : Oct 06, 2019
Password expires : Never
Password inactive : Jan 08, 2020
Account expires : Feb 28, 2021
Minimum number of days between password change : 3
Maximum number of days between password change : 90
Number of days of warning before password expires : 4
- The first row of the output reports the last date in which the password for the account was changed (Last_password_change).
- The second line reports the date in which the current password will expire (Password_expires). In this case the reported value is “never”, so the password expiration feature is disabled (the password will never expire).
- The third line show us the Password inactive date.
- On the fourth row we can check the account expiration date (Account expiration). As a value for this option we can provide a specific date or alternatively a number of days since “January 1, 1970”, after which the user account will be locked.
- On the next two lines we can see the minimum number of days which should pass between two password changes (Minimum number of days between password change), and the maximum number of days a password should be valid (Maximum number of days between password change).
- Finally, in the last row of the program output we can see how many days before the password expiration event a warning should be sent to the user. The current value is 4; it is irrelevant, however, since password expiration is disabled.
we can set a password expiration date using the -M option, in order to set the maximum number of days in which a password should be considered valid. For example to set the password validity to 30,
we would run:$ sudo chage -M 30 egdoc
The above command will set the password to expire 30 days from the last change.
change user account expiration date with usermod command in Linux
The usermod command is another way to set the account expiration date in Linux. To use the usermod command, you need to be logged in as the root user. usermod -e YYYY-MM-DD USERNAME
sudo usermod -e 2023-07-31 samson
sudo chage -l samson
change user account expiration date with useradd command in Linux
The third way to set the user account expiration date in Linux is to use the useradd command. To use the useradd command, you need to be logged in as the root user.
sudo useradd -e 2023-06-30 samson
sudo chage -l samson
To change the defaults in the useradd file, you can either hand-edit the file or use useradd -D with the appropriate option switch for the item that you want to change. For example, to set a default expiration date of December 31, 2023, the command would be as follows: sudo useradd -D -e 2023-12-31
To see the new configuration, you can either open the useradd file or just do sudo useradd -D:
[donnie@localhost ~]$ sudo useradd -D
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=2023-12-31
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
You’ve now set it so that any new user accounts that get created will have the same expiration date.
Each of these methods has its own benefits. The chage command is the most common way to set the user password expiration date in Linux because it is easy to use and it doesn’t require any additional packages to be installed.
The usermod command is a good choice if you are already using the usermod command for other tasks such as modifying the user’s home directory or shell. The useradd command is a good choice if you are already using the useradd command to create new users.
Which method do you prefer to use? Let us know in the comments below!