Howto set or force user to change a password at first login under Linux

Posted by Vivek Gite [Last updated: February 20, 2007]

Recently I got a question that read as follows:

How do I force user foo to change a password at the first time login using ssh?

As a sys admin you may need this kind of facility. There are many ways to achieve this.

You can set empty/null password and use passwd command to expire password. This will result into immediate password change for the first time.

For example you just need to type following two commands:
# usermod -p “” foo # chage -d 0 foo

You can also ignore first command if foo is already exists in system.

Tell us how we're doing: Please answer a few questions about your experience to help us improve nixCraft.

Dragan Says: March 11th, 2008 at 9:36 pm
Hi, but if you are running a Debian based distro on your server it is necessary to add the ’shadow’ file into your ‘/etc/’ directory if you want this to work. So, to do this execute the following command ‘pwconv’ from CLI and the ‘/etc/shadow’ file will be automatically created. After that execute the ‘chage -d 0 username’. And that it’s.

Cheers.
Bob Clampett Says: August 22nd, 2008 (3 weeks ago) at 2:48 pm
Here are a set of scripts that work with RHEL 5.2. as Bash scripts.

userlist.txt - Contains a set of UID’s to be created.

useradd.sh - creates the UID’s

pass.sh - Changes the password for the uids defined in userlist.txt

passch.sh - sets the UID password to expire (forces the user the change password @ logon)

Example:
userlist.txt:
bob
tom
chickmcgee

useradd.sh:
#!/bin/sh

for i in `more userlist.txt`

do

echo ${i}
adduser ${i
}
done

pass.sh:
#!/bin/sh

for i in `more /root/users/userlist.txt `

do

echo ${i}
echo ${i}”1234″ | passwd –stdin ${i}

echo; echo “User ${i}.s password changed!”

done

passch.sh:
#!/bin/sh

for i in `more userlist.txt `

do

echo $i

echo ${i} | chage -d 0 ${i}

echo; echo “User $i will be forced to change password on next login!”

done