Q1: How to set a username and password to never expire?

Short Answer

To set a user’s password to never expire in Linux, use:

To verify:

Detailed Explanation

Linux controls password aging using the chage (change age) command.

Important Options:

• -M → Maximum number of days a password is valid

• -E → Account expiration date

• -I → Inactive days after password expires

To Make Password Never Expire

This sets maximum password age to unlimited.

If you also want the account to never expire:

To Check Current Expiry Settings

Example output:

Production (Real Scenario)

Scenario:

You have a service account used by:

• Application services

• Cron jobs

• Monitoring tools

If the password expires:

• Application fails
• Cron jobs stop
• Production outage

To prevent this:

• Set password expiry to never

• But restrict login shell (/sbin/nologin)

• Use strong password policies

Example:

Important Security Note

In production:

• Never set normal human user passwords to never expire

• Only service accounts should have non-expiring passwords

• Use password vault or IAM where possible

Behind the Scenes

Password aging details are stored in:

Fields affected:

• Maximum password age

• Password expiry date

• Inactive days

Interview One-liner

“In production, we use chage -M -1 to prevent service account password expiry, but never disable expiry for regular users due to security compliance.”