Changing user passwords freaquenly is kind of good habit, in the means of security. No one reveals the password but still there is a way that it could be revealed for some reasons in emergency. For instance one of the user in office is on leave today but he has important matter is in his system, since he can't login he may tell his fried password to login and finish task. So password revealed. As we know user's don't think of chnaging passwords regularly so, why don't admin do some thing forcefully to get them change the password of their system ha ? good idea .

We can do it by chage command not only this, we can a lot. lets see.

Chage 
 
To check the current password aging details 
 
[root@mail ~]# chage -l test
Last password change                                                           : Sep 29, 2011
Password expires                                                                   : Oct 14, 2011
Password inactive                                                                  : never
Account expires                                                                     : never
Minimum number of days between password change          : 0
Maximum number of days between password change         : 99999
Number of days of warning before password expires           : 7
 
Set password expiry date :

[root@mail ~]# chage -M 15 test
 
using -M option we can set max. password age / expiry date to 15 days since the date of last password change. So user  automatically warned before seven days password expires. 7 days is default time to user get warned to change password.

Once he logs in on 7th Oct, he get waning message, like

ssh test@mail
test@mail's password:
Warning: your password will expire in 7 days
 
Think he neglected to change password even after 7 day's which means after expiry date of password.
ssh test@mail
test@mail's password:
You are reqired to change your password immediately (password aged)
WARNIG: Your password has expired.
You must change your password now and login again!
Chaging password for test
(current)UNIX password:
Enter new UNIX password:
Retype new UNIX password:
Lock Account if its inactive for a while:

If a any user not logged in last 15 days you can set accout to lock, which means inactive and user again come to you to get it active. Only root can activate accoutn.


[root@mail ~]# chage -I 5 test

Set account Expire at given date:

Let's say in your organisation, trainers come for every 2 months.Head office to here, and train staff around for 5 days and leave. So you need to create account for him and get expired on 6th days after he leaves your office.



[root@mail ~]# chage -E 2011-10-04 subbu 
[root@mail ~]# chage -l subbu
Last password change                                                           : Sep 29, 2011
Password expires                                                                   : never
Password inactive                                                                  : never
Account expires                                                                     : Oct 04,2011
Minimum number of days between password change          : 0
Maximum number of days between password change         : 99999
Number of days of warning before password expires           : 7
 
Disabling password Aging:
 
If you want to remove these password aging settings to any user simple follow below steps, which makes to default settings.
Min. expiry days   set -m 0
[root@mail ~]# chage -I 5 test
Max. expiry days  set  -M  99999
 
[root@mail ~]# chage -M 99999 test
   
Inactive mode      set -I  to -1
 
[root@mail ~]# chage -I -1 test
 
Expiry date          set -E  to -1

[root@mail ~]# chage -E -1 test
                           or
 
[root@mail ~]# chage -m 0 -M 99999 -I -1 -E -1 test

Above steps makes Aging settings to normal.