If you ever needed to know if an account is locked in CentOS Linux, there are a few commands to find those answers.
Lock a password using passwd
.
[root@centos~]# passwd -l testuser Locking password for user testuser. passwd: Success
Additional confirmation that the password is locked. The double !!
indicates that the password is locked. Note that this user does not have a password.
[root@centos~]# getent shadow testuser testuser:!!:17239:0:99999:7:::
Unlock the password. Note that the password did not unlock as it did not have a password.
[root@centos ~]# passwd -u testuser Unlocking password for user testuser. passwd: Warning: unlocked password would be empty. passwd: Unsafe operation (use -f to force) [root@centos ~]# grep testuser /etc/shadow testuser:!!:17239:0:99999:7:::
Add a password.
[root@centos ~]# passwd testuser Changing password for user testuser. New password: BAD PASSWORD: it is based on a dictionary word Retype new password: passwd: all authentication tokens updated successfully.
Now check the password. The password is unlocked.
[root@centos~]# getent shadow testuser testuser:$6$wfr9GW6r$IOpUe7QzqAAdgQmvT94Ic10uGCWwge95CqMvPpfDWEfNV84SfRcPnC5DJ8QV3v7zaxkyhkI.0u.LtTI4ePPY/1:17239:0:99999:7:::
So, if the account has a password, it may be unlocked with passwd -u testuser
. Whether or not there is a password, the password may be unlocked by changing or adding a password with passwd testuser
.
The password may be checked another way.
[root@centos~]# passwd -S testuser testuser LK 2017-03-13 0 99999 7 -1 (Password locked.) [root@centos~]# passwd -u testuser Unlocking password for user testuser. passwd: Success [root@centos ~]# passwd -S testuser testuser PS 2017-03-13 0 99999 7 -1 (Password set, SHA512 crypt.)
Lock an account. The !
indicates that the user account is locked.
[root@centos~]# usermod -L testuser [root@centos~]# getent shadow testuser testuser:!$6$NYjZ.ycM$eE4fPOSwikwG.86cVeuTMNzUgeRDB/raOeP0PISUS5PbqzbHtMsmamA7w4vzhRmNuGPCVv91FnkKIrIC7JAnv1:17239:0:99999:7:::
Source(s)
http://www.golinuxhub.com/2014/08/how-to-check-lock-status-of-any-user.html