HowTO: Linux Disable a User Account Command

Posted on in Categories last updated December 1, 2012

How do I disable a user account under Linux operating systems? How can I completely disable a user account Linux server?

You need to use the usermod command to lock and disable user account. The -L option lock user’s password by putting a ! in from of the the encrypted password. To disable user account set expire date to one or 1970-01-01.

Syntax

The syntax is:

usermod -L -e 1 {user}
usermod -L -e 1970-01-01 {user}

Example

In this example, local disable a user account for raj user:
# usermod -L -e 1 raj
When raj try to login he will greeted with the following message on screen

Your account has expired; please contact your system administrator

However, ssh client will not show any message:
$ ssh [email protected]
Sample outputs:

[email protected]'s password: 
Permission denied, please try again.
[email protected]'s password: 
Permission denied, please try again.
[email protected]'s password: 
Permission denied (publickey,password).

You will see the following log entry in /var/log/secure or /var/log/auth.log file:

Dec  2 02:01:02 wks01 sshd[32285]: Failed password for raj from 192.168.1.100 port 34171 ssh2
Dec  2 02:01:07 wks01 sshd[32285]: Failed password for raj from 192.168.1.100 port 34171 ssh2
Dec  2 02:01:10 wks01 sshd[32285]: Failed password for raj from 192.168.1.100 port 34171 ssh2

Use chage command to see current status of the user account:
# chage -l raj
Sample outputs:

Last password change					: Dec 01, 2012
Password expires					: never
Password inactive					: never
Account expires						: Jan 02, 1970
Minimum number of days between password change		: 0
Maximum number of days between password change		: 99999
Number of days of warning before password expires	: 7
See also

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

3 comment

  1. hi,

    when I type into root # usermod -L -e 1 raj this command and press f2 to log into the user Smith it still allows me to log into his account. I’m trying to disable the user account.

    please help!

    1. usermod -L -e 1 raj is the example you should replace raj with your users account name exactly as it appears since it is case sensitive.

      EX.
      username is Smith
      command should be : usermod -L -e 1 Smith

Leave a Comment