4

I am looking for a way to configure Linux machine so any time a new user is created, he/she will have to set a new password on first login.

To clarify the task here are assumptions:

  • I am not looking for using chage -d 0 command every time user is created.
  • I do not want to create a new useradd script that would do this thing as 'extra'.
  • I am looking for a change, maybe in /etc/pam.d files that would allow my Linux administrator setting up 'global' requirement for an external tool that creates accounts.

Please let me know if you know that it is possible or if it is not possible. Either way.

I have went through PAM a lot in the last two days, and I cannot solve this part.

Grzegorz
  • 286
  • 3
  • 14

1 Answers1

3

http://linuxers.org/howto/how-force-users-change-their-password-upon-first-login

"How to force every new user to change password at first login

For this change we need to change the default setting of useradd command.

[root]# vim /etc/default/useradd

Look for the line or just append the following line in the file.

Expire=0"

Or

http://www.cyberciti.biz/faq/rhel-debian-force-users-to-change-passwords/

You can change the password expiry with usermod and that will enforce a password change.

A. You can use any one of the following command to change user passwords upon the first login: [a] usermod command - Modify various user account properties including user password expiry information.

Or

can set empty/null password and use passwd command to expire password. This will result into immediate password change for the first time.

keldwud
  • 46