Q. How do I deny or block user login for user id tom? I’m using CentOS 5 Linux server OS.
A.. You need to use passwd command.
Deny user login by locking out account
Pass -l option to passwd command. It is used to lock the specified account and it is available to root only. The locking is performed by rendering the encrypted password into an invalid string and by prefixing the encrypted string with an !.
Syntax
passwd -l {username}
Unlock account or allow login
To allow login use passwd command as follows:
passwd -u {username}
This is the reverse of the -l option - it will unlock the account password by removing the ! prefix.
/sbin/nologin shell
/sbin/nologin displays a message that an account is not available and exits non-zero. It is intended as a replacement shell field for accounts that have been disabled or login is blocked.
Example: Deny login for tom user
Type the command as follows (login as root user):
# passwd -l tom
You can also change shell to /sbin/nologin:
# usermod -s /sbin/nologin tom
Example: Allog login for tom user
Type the command as follows (login as root user):
# passwd -u tom
You can also need change back shell from /sbin/nologin to /bin/bash:
# usermod -s /bin/bash tom
For more information and other options read passwd command man page.
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- My 10 UNIX Command Line Mistakes
- Linux: 20 Iptables Examples For New SysAdmins
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
Facebook it - Tweet it - Print it -
