Linux turn OFF password expiration / aging
/etc/shadow stores actual password in encrypted format for user’s account with additional properties related to user password.
The password expiration information for a user is contained in the last 6 fields. Password expiration for a select user can be disabled by editing the /etc/shadow file
However I recommend using chage command. The chage command changes the number of days between password changes and the date of the last password change.
This information is used by the system to determine when a user must change his/her password.
To list current aging type chage command as follows:
# chage -l vivek
Last password change : August 23, 2013 Password expires : never Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7
To disable password aging / expiration for user foo, type command as follows and set:
Minimum Password Age to 0
Maximum Password Age to 99999
Password Inactive to -1
Account Expiration Date to -1
Interactive mode command:
# chage username
# chage -I -1 -m 0 -M 99999 -E -1 username
- Understanding /etc/shadow file (robdurdle.com)
Browse Like Bond: Use Any Computer Without Leaving a Trace with Tails
If James Bond logs on to a computer, he doesn’t want to leave a bunch of files, cookies, or his IP address out there for someone to find. It might seem extreme, but sometimes it’s a good idea to take the same precautions yourself.
In this post, we’ll walk through how to use a USB stick or DVD to anonymize, encrypt, and hide everything you do on a computer no matter where you are. When we say “browse without leaving a trace”, we truly mean it. Using the Linux-based, live-boot operating system Tails (The Amnesiac Incognito Live System), you can use any computer anywhere without anyone knowing you were ever on it. Tails is a portable operating system with all the security bells and whistles you’ll ever need already installed on it. You can install Tails on one of your many dust-gathering USB drives or a DVD. We’ll show you how to set up your own portable boot disc in the second section, but let’s start by taking a look at what you get with Tails.
What Tails Is and What’s Packed Into It
The magic of Tails is that you don’t have to do a lick of work: once you create your boot disc you’ll have a completely anonymous, totally private operating system preloaded with all the software you (or James Bond) would need. What’s packed into it? Let’s take a look.
The Software Packed Directly into Tails
Once you create your Tails boot disc, you’ll be ready to reboot your computer into an encrypted and private operating system preloaded with all the software you’ll need to browse the web, email, IM, and edit documents. Regardless of whether you choose a DVD or USB nothing you do is left on the computer you booted from.
- Built-in online anonymity: The key feature that’s going to appeal to most people is Tails’ built-in online anonymity. This comes in the form of the customized web browser Iceweasel built using the anonymous web browsing technology from Tor. The browser also includes popular security extensions like HTTPS Everywhere for secure browsing, Adblock Plus to block ads, and NoScript to block Java and Flash. Other than those features, the web browser works exactly like you’d expect a web browser to work.
- Built-in encrypted email and chat: Additionally, you also get encrypted and private messaging. Tails includes the Claws email client with OpenPGP for email encryption and the instant messaging client Pidgin with an OTR cryptography tool that encrypts your IM conversations.
- Built-in file encryption: When boot Tails from a USB drive instead of a DVD, you can save documents to the thumb drive and they’re automatically encrypted using an encryption specification called LUKS. (Since the DVD is read-only, you can’t save any files—which is its own form of security.)
- A full suite of editing software: On top your web access being private you also get a full suite of work and creative software. Tails comes preloaded with Openoffice for editing documents, Gimp for editing photos, Audacity for editing sound, and plenty more additional software.
Now let’s walk through how to set up a boot disc for yourself.
Step-by-Step Guide to Set Up Your Own Tails DVD or USB Drive
Tails is pretty easy to set up on your own and it doesn’t differ much from setting up any other Linux Live CD. However, a few extra steps do exist to verify your download.
Step 1: Download the Necessary Files
You need to download two different files to get started with Tails: an ISO (an image of Tails that is burned to a disc) and a cryptographic signature to verify the ISO image:
- The ISO Image (Direct download / Torrent)
- Cryptographic Signature (Direct download / Torrent)
The developers behind Tails recommend you verify your Tails ISO to make sure it’s an officially released version that hasn’t been tampered with. We won’t walk through that process here, but they have instructions on their web site for Windows and Mac or Linux.
Step 2: Burn Tails to a CD/DVD
You can find documentation for creating a Tails USB from scratch on each operating system here. Alternately, you can more easily make bootable USB installation of Tails after you boot from a Tails live DVD. For our purposes we’re going to burn Tails to a bootable DVD because it’s an easier process than creating a USB stick from scratch.
On Windows: Right-click the ISO image, select Burn Disc Image, select your DVD drive.
On Mac: Right-click the ISO image, select Burn “tails…” to Disc, select your DVD drive.
Once it’s finished burning let’s boot into Tails and kick the tires.
Step 4: Boot into Tails
Stick your Tails DVD, CD, or thumb drive into your computer and reboot. The process for booting into a disc or external drive depends on your system, so lets look at how to do it on Windows and Mac.
On a Windows System: Different Windows computers have different default settings for booting from an external drive. If yours doesn’t already check for a boot DVD first you can always edit the BIOS boot order (often the DEL key at startup) to make sure your computer looks for a CD or USB before it starts. Alternately, you can closely watch the BIOS screen at the beginning of your computers startup for the Boot options shortcut (usually one of the function keys). When you get to the boot option menu, select your DVD drive and you’ll boot into Tails.
On a Mac System: When you turn on your Mac immediately press and hold down the Option key to access the Startup Manager. Select the Tails DVD (the description will actually say “Windows”) and you’ll boot into Tails.
Step 5 (Optional): Clone the DVD onto a USB Drive
Now that you’re booted into Tails it’s easy to clone your boot DVD onto a USB drive directly from the Tails operating system. Here’s what you need to do:
- Connect your USB drive to your computer.
- Select Applications > Tails > Tails USB Installer.
- Click the Clone and Install Button.
- Select your USB drive, click “Create Live USB Drive” and let the program run.
When the installation is complete you’ll have a bootable USB drive. The benefit of the USB drive is that any files you create in Tails are saved and encrypted directly on your device. However, a USB drive could theoretically be hacked into if you leave it around which is why the ultra-paranoid might prefer a read-only DVD for Tails.
Also, Macs don’t support USB booting without downloading and installing additional software called rEFit. This means you have to download and install rEFit on every Mac you want to boot into Tails from a USB drive.
Creating a bootable Tails disc is a simple process and a great use for one of those USB drives you have laying around doing nothing. Since you can use Tails on about any public computer you run into it’s a great way to keep your browsing and usage hidden from the world. It’s even beneficial on your home computer since you don’t have to alter your system in any way.
- Skyfall – Cyber War Becomes Cool (infosecprofessional.com)
You must be logged in to post a comment.