Change expired password via ssh
15,482
Only the root user can re-enable an expired account.
- Run
sudo chage -E -1 <username>
to re-enable it. - Then the regular user will have to remember to change their password manually once they login with
$ passwd
.
Related videos on Youtube
Author by
newellista
Updated on September 18, 2022Comments
-
newellista over 1 year
I have added some new users and set default passwords.
Using
chage -d 0
, I have expired them, hoping that they will be prompted to change their passwords the first time they login.Unfortunately, the only way this machine is accessed is via SSH. When the user ssh's to the box, they get:
Your account has expired; please contact your system administrator
I checked
/var/log/auth.log
, and found the following:Feb 27 10:19:01 gitlabci sshd[6793]: pam_unix(sshd:account): account <USER> has expired (account expired) Feb 27 10:19:01 gitlabci sshd[6793]: Failed password for <USER> from <MY_IP> port 1939 ssh2 Feb 27 10:19:01 gitlabci sshd[6793]: fatal: Access denied for user <USER> by PAM account configuration [preauth]
I don't see any configuration options in
/etc/ssh/sshd_config
that will allow the prompt for a new password.Anybody have any suggestions?