For security reason you must enable Password expiry policy on FreeBSD box. Linux comes with chage command, which changes the number of days between password changes and the date of the last password change.
FreeBSD pw command
Use pw command to setup password expiry date for existing user account. Syntax is as follows:
pw user mod USERNAME -p DD-MMM-YY
Where,
- -p DD-MMM-YY: Set the account’s password expiration date.
For example, expire user rocky’s password on 31-Mar-2006:
# pw user mod USERNAME -p 31-mar-06
Use pw command to setup password expiry while creating new user account.
pw user add USERNAME -p DATE -e DAYS:
Where,
- -p DAYS: Set default account expiration period in days
- -e DAYS: Set the account’s expiration date.
For example create a user called didi and Set the default password expiration to 30 days.
# pw user add didi -p 30 -d /home/didi -m
# passwd didi
This is good if you have small number of users. For large installation base (such as University computers) you need to define user login class. With login class you can control the following :
- Resource limits
- Accounting limits
- Authentication limits
- Default user environment settings.
- RSS feed or Weekly email newsletter
- Share to Twitter • Facebook • 2 comments... add one ↓
40 Linux Server Hardening Security Tips [2019 edition]
Linux 25 PHP Security Best Practices For Sys Admins
Top 25 Nginx Web Server Best Security Practices
Linux Advanced Hardening With the Capability Bounding Set- How to: Configure User Account to Use a Restricted Shell ( rssh )
Top 20 OpenSSH Server Best Security Practices
21 Examples To Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
I think you got it wrong:
* -p DAYS: Set default account expiration period in days
* -e DAYS: Set default password expiration period in days
Man pw disagrees 🙂
-p date Set the account’s password expiration date. This field is
similar to the account expiration date option, except that
it applies to forced password changes. This is set in the
same manner as the -e option.
-e date Set the account’s expiration date. Format of the date is
either a UNIX time in decimal, or a date in `dd-mmm-yy[yy]’
format, where dd is the day, mmm is the month, either in
numeric or alphabetic format (‘Jan’, ‘Feb’, etc) and year
andrei,
Thanks for the heads up. The post has been updated.