To set a user account to never expire in Linux, use:
To verify:
In Linux, user account expiration is controlled by the shadow file:
Each user entry contains:
Password aging info
Account expiration date
Password expiration days
The chage command modifies these parameters safely.
-E -1 → Removes account expiration date.
You should see:
| Setting | Command | Purpose |
|---|---|---|
| Password never expires | chage -M -1 user |
Password won’t expire |
| Account never expires | chage -E -1 user |
Account won’t disable |
Many candidates confuse these two in interviews.
A service account running a banking application suddenly stops working.
Root cause:
Password expired automatically.
Application cannot authenticate.
Impact:
Production outage.
Payment gateway stopped.
For service accounts:
✔ No password expiry
✔ No account expiry
Never set regular user accounts to never expire.
Only use for:
Service accounts
Application accounts
Monitoring agents
For human users:
Enforce password policies
Use /etc/login.defs
Follow compliance rules
“In production, we set account never expire using
chage -E -1, especially for service accounts, but regular user accounts should follow password policies for security compliance.”
Not a member yet? Register now
Are you a member? Login now