CHAPTER 12 User accounts
For SunOS 4.1.X password aging for a user is started with the passwd command, using either the -x (maximum) or -n (minimum) options and specifying a time limit in days and a user name. This will alter the encrypted password field by adding a comma and 2 digits to the end of it. The first digit is for the maximum time and the second for the minimum. For 14 days or less the digits are zero. For longer than 14 days add 1 for each 7 day period, after rounding up to the nearest whole week value. This means that you have a granularity of a week, with a minimum time of 2 weeks. To set a maximum time of 40 days, and a minimum time of 30 days, for the user frank, execute:
# passwd -x 40 frank
# passwd -n 30 frank
These numbers will be rounded to the next greatest whole week value, converted to weeks, and then have 2 subtracted. So the digit for maximum time will be 4, and that for the minimum time will be 3. You can set a maximum time without a minimum, but not the reverse. The next time the password is changed a 2 character time field will be appended to the encrypted password string, encoding the time into it. So the corresponding entry in /etc/passwd could be:
frank:yPf3M5qMgglUc,437I:101:10:Frank G Fiamingo:/home/tardis/frank:/usr/bin/csh
If there was no minimum then the 3 would be missing.
You can display the values the password aging fields with the -d option to passwd, e.g.:
# passwd -d
frank 9/19/94 35 42
which displays the date the current password was chosen and the minimum and maximum ages allowed.
Unfortunately, password aging in SunOS 4.1.X works only with /etc/passwd, and not with NIS.