Locking and Unlocking of Accounts

By Using the passwd   -l command the root could lock the passwd of a user. A locking is performed through rendering the encrypted password into an invalid string (through prefixing the encrypted string with an!).

Let consider the following example.

[root@icg3 unix]# passwd -l unix

Changing password for user unix

Locking password for user unix

passwd: Success

[root@icg3 unix]#

The "!" mark could be found in the starting of the encrypted password string in the /etc/shadow file.

[root@icg3 unix]# cat /etc/shadow | grep unix unix:!$1$aya1el49$x9PHEvual1SjovjT0uiQe/:11467:0:99999:7:-1:-1:134532716 [root@icg3 unix]#

For unlocking purpose use -u option has to be used , the -u option will unlock the account password by removing the! .

prefix. This option is available to root only.

[root@icg3 unix]# passwd -u unix

Changing password for user unix

Unlocking password for user unix

passwd: Success

[root@icg3 unix]#

In the given examples, the password of the user named unix has been and the output show which it is successful. The 2^nd step checks the /etc/shadow file for the!. The 3^rd step unlocks the password of the user and here again it denotes which is successful.

Within   Solaris   environment,   a   user's   password   could  be   locked   through   using "-l   "   option   within   the passwd command. 

Example

 # passwd -l unix  <-  for lock the account named unix

 # passwd     unix <-  for unlock the account through issuing a new password.