3.5-用户密码管理
作者:互联网
更改root用户密码
passwd后面不需要跟root,然后输入2次密码就OK了
[root@evan-01 ~]# passwd
Changing password for user root.
New password:
BAD PASSWORD: The password is a palindrome
Retype new password:
passwd: all authentication tokens updated successfully.
[root@evan-01 ~]#
更改普通用户密码
passwd[用户名]然后输入2次密码就OK了
[root@evan-01 ~]# passwd user1
Changing password for user user1.
New password:
BAD PASSWORD: The password is a palindrome
Retype new password:
passwd: all authentication tokens updated successfully.
[root@evan-01 ~]#
查看密码文件
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]#
我们发现 evan1 user1 的第二位有很长的字符串,这个就是加密后的密码。
其余的都是 !! ,表示密码为空,这种用户是没办法登录的
[root@evan-01 ~]# head /etc/shadow
root:$6$467R9iiw$/mXoEB6meTeGJjfnWs9HvJz5swLTkKk5zFYiHv6iJuz3wUDvkcPHUXuGz60SP9XTOlb05xnRWQ2QHCsrqwk.R0:18122:0:99999:7:::
bin:*:17110:0:99999:7:::
daemon:*:17110:0:99999:7:::
adm:*:17110:0:99999:7:::
lp:*:17110:0:99999:7:::
sync:*:17110:0:99999:7:::
shutdown:*:17110:0:99999:7:::
halt:*:17110:0:99999:7:::
mail:*:17110:0:99999:7:::
operator:*:17110:0:99999:7:::
[root@evan-01 ~]#
带 * 的表示用户密码被锁定,这种用户也是没办法登录的
passwd -l 锁定用户
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]# passwd -l user1
Locking password for user user1.
passwd: Success
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:!!$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]#
前后进行了一下对比,我们发现,锁定用户后,密码前面多了个 !!
passwd -u 解锁用户
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:!!$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]# passwd -u user1
Unlocking password for user user1.
passwd: Success
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]#
前后进行了一下对比,我们发现,解锁用户后,密码前面的 !! 号没了
分享另一种锁定命令和属性 usermod -L
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]# usermod -L user1
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:!$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]#
前后进行了一下对比,我们发现,锁定用户后,密码前面多了一个 ! 号
分享另一种解锁命令和属性 usermod -U
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:!$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]# usermod -U user1
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]#
前后进行了一下对比,我们发现,解锁用户后,密码前面的 ! 没了
passwd --stdin 另一种更改密码方法
passwd --stdin 另一种更改密码方法,只需要输入一次密码,并且是明文的
[root@evan-01 ~]# passwd --stdin user1
Changing password for user user1.
abcdefg
passwd: all authentication tokens updated successfully.
[root@evan-01 ~]#
另外一种简单的写法
[root@evan-01 ~]# echo gfedcba | passwd --stdin user1
Changing password for user user1.
passwd: all authentication tokens updated successfully.
[root@evan-01 ~]#
| 这个叫管道符,作用是把前面命令输出的内容直接赋给后面,这样的话,我们就不需要再单独输入密码了,相当于已经提前把密码设置了
拓展,echo -e
echo -e 会对要输出的字符里面的特殊符号进行处理,而不是简单的当成字符串处理
若字符串中出现以下字符,则特别加以处理,而不会将它当成一般文字输出:
字符 | 含义 |
---|---|
\a | 发出警告声 |
\b | 删除前一个字符 |
\c | 最后不加上换行符号 |
\f | 换行但光标仍旧停留在原来的位置 |
\n | 换行且光标移至行首 |
\r | 光标移至行首,但不换行 |
\t | 插入tab |
\v | 与\f相同 |
\ | 插入\字符 |
\nnn | 插入nnn(八进制)所代表的ASCII字符 |
[root@evan-01 ~]# echo -e "123\n456"
123
456
[root@evan-01 ~]#
一行搞定,不需要重复输入密码
[root@evan-01 ~]# echo -e "tgbRFV43w2\ntgbRFV43w2" | passwd user1
Changing password for user user1.
New password: Retype new password: passwd: all authentication tokens updated successfully.
[root@evan-01 ~]#
标签:99999,01,18122,用户,18116,密码,3.5,evan,root 来源: https://blog.csdn.net/u010148669/article/details/99581341