does linux store such info about date/hour/minute/second when give user password was changed last time? If so, with which command can view it?
"chage -l user" shows only the day when the password was changed.
kind regards,
linux
does linux store such info about date/hour/minute/second when give user password was changed last time? If so, with which command can view it?
"chage -l user" shows only the day when the password was changed.
kind regards,
Best Answer
Should be an entry in a log saying when
passwd
was run & by whom, similar to:The log file varies depending on the distro, should be somewhere in
/var/log
though, so something like this should search them all (except maybe old gz'd files, tryzgrep
?):Probably in
/var/log/auth.log
on Debian, or/var/log/secure
on RedhatBut if this user can run any commands, they could edit logs too... so watch for unlimited sudo access.
More info: