目录
1 usermod命令
- 修改用户的uid
[root@worker1 ~]# usermod -u 1111 user3
[root@worker1 ~]# tail -n3 /etc/passwd
user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1002::/home/user2:/bin/bash
user3:x:1111:1100::/home/user3:/bin/bash
- 修改用户gid
[root@worker1 ~]# tail -n3 /etc/passwd
user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1002::/home/user2:/bin/bash
user3:x:1111:1100::/home/user3:/bin/bash
[root@worker1 ~]# usermod -g 1100 user2
[root@worker1 ~]# tail -n3 /etc/passwd
user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1100::/home/user2:/bin/bash
user3:x:1111:1100::/home/user3:/bin/bash
- 修改用户的shell
[root@worker1 ~]# tail -n3 /etc/passwd
user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1100::/home/user2:/bin/bash
user3:x:1111:1100::/home/user3:/bin/bash
[root@worker1 ~]# usermod -s /sbin/nologin user3
[root@worker1 ~]# tail -n3 /etc/passwd
user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1100::/home/user2:/bin/bash
user3:x:1111:1100::/home/user3:/sbin/nologin
- 把用户扩展到另外一个组
[root@worker1 ~]# usermod -G user2 user3
[root@worker1 ~]# id user3
uid=1111(user3) gid=1100(grp2) groups=1100(grp2),1002(user2)
2 用户密码管理
[root@worker1 ~]# tail /etc/shadow
systemd-network:!!:17779::::::
dbus:!!:17779::::::
polkitd:!!:17779::::::
tss:!!:17779::::::
postfix:!!:17779::::::
sshd:!!:17779::::::
user:!!:17783:0:99999:7:::
user1:!!:17791:0:99999:7:::
user2:!!:17792:0:99999:7:::
user3:!!:17792:0:99999:7:::
第二个字段是加密字符串,如果是两个!!密码是空的,不能登录;如果是*,是被锁定的,不能登录
- 设置user3的密码
[root@worker1 ~]# passwd user3
Changing password for user user3.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@worker1 ~]# tail -n3 /etc/shadow
user1:!!:17791:0:99999:7:::
user2:!!:17792:0:99999:7:::
user3:$6$Y2NKQ1ca$yp/S28D1A/WQ2RI.RBFYXqEJJKiUiZWgDnb5noXvDH56Qsldaw79mjIaLvZsTcIuCdzsK3G.oYfM3Gmm/WD0p1:17792:0:99999:7:::
- 锁定user3用户,这样就不能登录了,密码段前会有!!
[root@worker1 ~]# passwd -l user3
Locking password for user user3.
passwd: Success
[root@worker1 ~]# tail -n3 /etc/shadow
user1:!!:17791:0:99999:7:::
user2:!!:17792:0:99999:7:::
user3:!!$6$Y2NKQ1ca$yp/S28D1A/WQ2RI.RBFYXqEJJKiUiZWgDnb5noXvDH56Qsldaw79mjIaLvZsTcIuCdzsK3G.oYfM3Gmm/WD0p1:17792:0:99999:7:::
- 解锁user3,密码段去掉了!!
[root@worker1 ~]# passwd -u user3
Unlocking password for user user3.
passwd: Success
[root@worker1 ~]# tail -n3 /etc/shadow
user1:!!:17791:0:99999:7:::
user2:!!:17792:0:99999:7:::
user3:$6$Y2NKQ1ca$yp/S28D1A/WQ2RI.RBFYXqEJJKiUiZWgDnb5noXvDH56Qsldaw79mjIaLvZsTcIuCdzsK3G.oYfM3Gmm/WD0p1:17792:0:99999:7:::
- 更改用户密码便捷方法
- 方法1
[root@worker1 ~]# echo "654321"|passwd --stdin user3
Changing password for user user3.
passwd: all authentication tokens updated successfully.
- 方法2
[root@worker1 ~]# echo -e "123456\n123456" | passwd user3
Changing password for user user3.
New password: BAD PASSWORD: The password is shorter than 8 characters
Retype new password: passwd: all authentication tokens updated successfully.
3 mkpasswd命令
- 命令mkpasswd用于生成密码。我们安装的Linux默认是没有这个命令的,需要安装一个expect软件包
[root@worker1 ~]# yum install -y expect
-l 指定字符串长度
-s 指定特殊符号
-d 指定字符串数字的个数
[root@worker1 ~]# mkpasswd -l 12
25cbtoo|XgzR
[root@worker1 ~]# mkpasswd -l 12 -s 5
#;s|7$-FB7re
[root@worker1 ~]# mkpasswd -l 12 -s 0
mod0PL5ppqgr
[root@worker1 ~]# mkpasswd -l 12 -d 6
7_40kw7CU9a8