Situation
Check account status in Linux with passwd command
To check if an account is locked in Linux, you can use the passwd command with the -S option. Here’s how you can do it:
- Open a terminal or SSH into the Linux system as a user with sufficient privileges (such as the root user or a user with sudo access).
- Run the following command, replacing <username> with the username of the account you want to check:
passwd -S <username>
- For example, to check if the account “kent” is locked, you would run:
passwd -S kent
The output of the command reports the account status in its second field:
“L” or “LK” indicates that the account is locked.
“P” or “PS” indicates that the account is unlocked.
Here’s an example of the output when an account is locked:
john LK 2021-06-01 0 99999 7 -1 (Password locked.)
And here’s an example of the output when an account is unlocked:
john PS 2021-06-01 0 99999 7 -1 (Password set, SHA512 crypt.)
Check account locked or not in Linux with /etc/shadow file
Apart from the passwd command, you can check whether an account is locked by examining the `/etc/shadow` file. This file stores each user’s password in hashed format, along with password expiry information and account status.
To check if a user’s account is locked, you can inspect the password field in the `/etc/shadow` file for that user.
Here is a typical entry in the `/etc/shadow` file:
username:$6$KBzX3L6T$VY5ddba27R4KDAY/:18599:0:99999:7:::
The entry is made up of several fields separated by colons:
1. Username
2. Password (hashed)
3. Last password change (days since UNIX epoch)
4. Minimum password age
5. Maximum password age
6. Password warning period
7. Password inactivity period
8. Account expiration date
9. Reserved field
The password field (2nd field) is where you can see if an account is locked. If the password field begins with `!` or `*`, the account is locked for password login.
You can use the `grep` command to quickly check a user’s entry. Replace `username` with the name of the user you want to check:
sudo grep "^username:" /etc/shadow
The `^` symbol anchors the match at the start of the line and the trailing `:` marks the end of the username field, so usernames that merely contain or begin with the target username are not matched.
Please note that you need to have superuser (root) privileges to read the `/etc/shadow` file. That’s why the `sudo` command is used.
Here’s an example of an entry in the `/etc/shadow` file for a **locked** account (for a user named `lockeduser`):
lockeduser:!$6$KBzX3L6T$VY5ddba27R4KDAY/:18599:0:99999:7:::
In this example, you’ll notice a `!` symbol right at the beginning of the password hash. This indicates that the account is locked, and the user won’t be able to log in using password authentication.
And here’s an example for an **unlocked** account (for a user named `unlockeduser`):
unlockeduser:$6$KBzX3L6T$VY5ddba27R4KDAY/:18599:0:99999:7:::
In this case, the password field begins with the hash algorithm ID (`$6$` stands for SHA-512), followed by the salt and the hashed password. There’s no `!` or `*` symbol at the beginning, indicating that this account is unlocked and the user should be able to log in with their password.
Please note that the actual hash and salt values in your `/etc/shadow` file will be different. The ones used in these examples are for illustrative purposes.
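The check described in this section can be scripted. The following is an added example, not part of the original article: `classify_shadow` and `sample_shadow` are hypothetical helper names and the sample entries are constructed. It goes slightly beyond the text by separating a `!`-prefixed hash (locked, hash preserved) from a bare `!`, `!!` or `*` (no usable password), and by flagging an empty password field and a past expiry date in field 8.

```shell
#!/bin/sh
# Added example, not from the original article. classify_shadow and
# sample_shadow are hypothetical names; the entries below are constructed.

# Reads /etc/shadow-format lines on stdin, prints "user status" per entry.
# $1 (optional): today as days since the UNIX epoch, compared with field 8.
classify_shadow() {
    today=${1:-$(( $(date +%s) / 86400 ))}
    awk -F: -v today="$today" '
        /^#/ || NF < 2 { next }
        {
            pw = $2
            rest = pw
            sub(/^!+/, "", rest)          # what remains after the lock marker
            if (pw == "")
                s = "empty"               # empty field: no password required
            else if (pw != rest && rest != "" && rest !~ /^\*/)
                s = "locked"              # "!" + preserved hash; passwd -u can restore it
            else if (pw ~ /^[!*]/)
                s = "no-usable-password"  # bare "!", "!!" or "*": nothing to unlock
            else
                s = "password-set"
            # Field 8 is the account expiry date in days since the epoch.
            if ($8 + 0 > 0 && today + 0 >= $8 + 0)
                s = s ",expired"
            print $1, s
        }'
}

# Constructed sample entries (hash reused from the examples above).
sample_shadow() {
    cat <<'EOF'
lockeduser:!$6$KBzX3L6T$VY5ddba27R4KDAY/:18599:0:99999:7:::
unlockeduser:$6$KBzX3L6T$VY5ddba27R4KDAY/:18599:0:99999:7:::
daemon:*:18599:0:99999:7:::
newuser:!!:18599:0:99999:7:::
nopass::18599:0:99999:7:::
olduser:$6$KBzX3L6T$VY5ddba27R4KDAY/:18599:0:99999:7::19000:
EOF
}

sample_shadow | classify_shadow 19700
# On a real system (root required): sudo cat /etc/shadow | classify_shadow
```

An `empty` result deserves attention in an audit, since that account needs no password at all.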
How to unlock an account in Linux
If the account is locked, you can unlock it using the passwd command with the -u option. For example:
passwd -u <username>
Replace <username> with the actual username of the locked account.
Note: The specific command and options may vary slightly depending on the Linux distribution you are using.
You can also use the usermod command with the -L switch to lock the given user account.
Run the usermod command with the -U switch to unlock the given user account.
# usermod --unlock howtouselinux
or
# usermod -U howtouselinux