3.5-用户密码管理

更改root用户密码
passwd后面不需要跟root,然后输入2次密码就OK了

[root@evan-01 ~]# passwd
Changing password for user root.
New password: 
BAD PASSWORD: The password is a palindrome
Retype new password: 
passwd: all authentication tokens updated successfully.
[root@evan-01 ~]# 

更改普通用户密码
passwd[用户名]然后输入2次密码就OK了

[root@evan-01 ~]# passwd user1
Changing password for user user1.
New password: 
BAD PASSWORD: The password is a palindrome
Retype new password: 
passwd: all authentication tokens updated successfully.
[root@evan-01 ~]# 

查看密码文件

[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]#

我们发现 evan1 user1 的第二位有很长的字符串,这个就是加密后的密码。
其余的都是 !! ,表示密码为空,这种用户是没办法登录的

[root@evan-01 ~]# head /etc/shadow
root:$6$467R9iiw$/mXoEB6meTeGJjfnWs9HvJz5swLTkKk5zFYiHv6iJuz3wUDvkcPHUXuGz60SP9XTOlb05xnRWQ2QHCsrqwk.R0:18122:0:99999:7:::
bin:*:17110:0:99999:7:::
daemon:*:17110:0:99999:7:::
adm:*:17110:0:99999:7:::
lp:*:17110:0:99999:7:::
sync:*:17110:0:99999:7:::
shutdown:*:17110:0:99999:7:::
halt:*:17110:0:99999:7:::
mail:*:17110:0:99999:7:::
operator:*:17110:0:99999:7:::
[root@evan-01 ~]# 

带 * 的表示用户密码被锁定,这种用户也是没办法登录的

passwd -l 锁定用户

[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]# passwd -l user1
Locking password for user user1.
passwd: Success
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:!!$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]#

前后进行了一下对比,我们发现,锁定用户后,密码前面多了个 !!

passwd -u 解锁用户

[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:!!$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]# passwd -u user1
Unlocking password for user user1.
passwd: Success
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]#

前后进行了一下对比,我们发现,解锁用户后,密码前面的 !! 号没了

分享另一种锁定命令和属性 usermod -L

[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]# usermod -L user1
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:!$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]# 

前后进行了一下对比,我们发现,锁定用户后,密码前面多了一个 ! 号

分享另一种解锁命令和属性 usermod -U

[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:!$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]# usermod -U user1
[root@evan-01 ~]# tail /etc/shadow
polkitd:!!:18116::::::
postfix:!!:18116::::::
sshd:!!:18116::::::
chrony:!!:18116::::::
evan1:$6$sZaQ18JJ$a3fX2DGLV/ag4CJAdhb/zbJFqQTR6cAW/Grs7HwdkE6mDit8CRW4uw43LiWDWjn/JSsfYGqUcJSY6ul9ruUgX0:18121:0:99999:7:::
evan2:!!:18117:0:99999:7:::
user1:$6$tEdKB6NX$XqPFZAI.5DO9dpe9xRt3vEpPR6RT4RzjOOqcHPbwzLerUqs5G61NbvMZuckJk150/DijWokQRq5IKdoZ/K9ip1:18122:0:99999:7:::
user2:!!:18122:0:99999:7:::
user3:!!:18122:0:99999:7:::
user4:!!:18122:0:99999:7:::
[root@evan-01 ~]# 

前后进行了一下对比,我们发现,解锁用户后,密码前面的 ! 没了

passwd --stdin 另一种更改密码方法
passwd --stdin 另一种更改密码方法,只需要输入一次密码,并且是明文的

[root@evan-01 ~]# passwd --stdin user1
Changing password for user user1.
abcdefg
passwd: all authentication tokens updated successfully.
[root@evan-01 ~]# 

另外一种简单的写法

[root@evan-01 ~]# echo gfedcba | passwd --stdin user1
Changing password for user user1.
passwd: all authentication tokens updated successfully.
[root@evan-01 ~]# 

| 这个叫管道符,作用是把前面命令输出的内容直接赋给后面,这样的话,我们就不需要再单独输入密码了,相当于已经提前把密码设置了

拓展,echo -e
echo -e 会对要输出的字符里面的特殊符号进行处理,而不是简单的当成字符串处理

若字符串中出现以下字符,则特别加以处理,而不会将它当成一般文字输出:

字符 含义
\a 发出警告声
\b 删除前一个字符
\c 最后不加上换行符号
\f 换行但光标仍旧停留在原来的位置
\n 换行且光标移至行首
\r 光标移至行首,但不换行
\t 插入tab
\v 与\f相同
\ 插入\字符
\nnn 插入nnn(八进制)所代表的ASCII字符
[root@evan-01 ~]# echo -e "123\n456"
123
456
[root@evan-01 ~]# 

一行搞定,不需要重复输入密码

[root@evan-01 ~]# echo -e "tgbRFV43w2\ntgbRFV43w2" | passwd user1
Changing password for user user1.
New password: Retype new password: passwd: all authentication tokens updated successfully.
[root@evan-01 ~]# 
上一篇:Shell编程之正则表达式(三)


下一篇:L2-022 重排链表 (25 分)