Just Another IT Blog

It's time to share some of my experiences, crazy ideas, tips and tricks !!!

Post Page Advertisement [Top]

If your company requires you to provide a strong password control and you want to have an expiration date for the root account, you can accomplish it with chage command.

chage -M root

Where, X is the number of days until expiration.

Or implement more complex password policy with PAM.

But you might realize that after a reboot the root account turns to a state of password never expires.

It’s because the root password expiration information was not preserved across hostd restarts. A new tag called rootPasswdExpiration is added to the /etc/vmware/hostd/config.xml file from VMware ESX 3.5, Patch ESX350-200810201-UG.
If this rootPasswdExpiration tag is set to True, then the number of days to expiration will be preserved across hostd restarts.

After setting the rootPasswdExpiration tag in the /etc/vmware/hostd/config.xml file as True, run the chage command again.

There it goes

Bottom Ad [Post Page]