在 RHEL 7.9 中,我passwd -S对所有帐户执行此操作/etc/passwd作为检查用户帐户的一部分。
# passwd -S <account name>
root PS 1969-12-30 0 99999 7 -1 (Password set, SHA512 crypt.)
bin LK 2019-08-22 0 99999 7 -1 (Alternate authentication scheme in use.)
daemon LK 2019-08-22 0 99999 7 -1 (Alternate authentication scheme in use.)
adm LK 2019-08-22 0 99999 7 -1 (Alternate authentication scheme in use.)
lp LK 2019-08-22 0 99999 7 -1 (Alternate authentication scheme in use.)
sync LK 2019-08-22 0 99999 7 -1 (Alternate authentication scheme in use.)
shutdown LK 2019-08-22 0 99999 7 -1 (Alternate authentication scheme in use.)
halt LK 2019-08-22 0 99999 7 -1 (Alternate authentication scheme in use.)
mail LK 2019-08-22 0 99999 7 -1 (Alternate authentication scheme in use.)
operator LK 2019-08-22 0 99999 7 -1 (Alternate authentication scheme in use.)
games LK 2019-08-22 0 99999 7 -1 (Alternate authentication scheme in use.)
ftp LK 2019-08-22 0 99999 7 -1 (Alternate authentication scheme in use.)
nobody LK 2019-08-22 0 99999 7 -1 (Alternate authentication scheme in use.)
systemd-network LK 2021-06-10 -1 -1 -1 -1 (Password locked.)
dbus LK 2021-06-10 -1 -1 -1 -1 (Password locked.)
polkitd LK 2021-06-10 -1 -1 -1 -1 (Password locked.)
libstoragemgmt LK 2021-06-10 -1 -1 -1 -1 (Password locked.)
ron PS 2021-09-06 1 90 14 5 (Password set, SHA512 crypt.)
这是从 DVD 中全新安装的 RHEL 7.9 x86-64。以上是passwd -S对所有帐户执行的摘录/etc/passwd。有人可以告诉我什么意思以及对这些帐户执行某种命令(如果是的话是什么)(Alternate authentication scheme in use.)是否谨慎?passwdchage
基本上我预计在审计期间告诉我如何保护和管理用户帐户问题所以我解释一下我对 /etc/passwd 中的所有帐户执行 passwd -S但我该如何解释正在使用的替代身份验证方案?
fwiw,我正在chage -m 1 -M 90 -W 14 -I 5所有常规用户帐户上执行此操作。