How do I disable a user account under Linux operating systems? How can I completely disable a user account Linux server?

You need to use the usermod command to lock and disable user account. The -L option lock user’s password by putting a ! in from of the the encrypted password. To disable user account set expire date to one or 1970-01-01.

ADVERTISEMENTS

Syntax

The syntax is:

usermod -L -e 1 {user}
usermod -L -e 1970-01-01 {user}

Example

In this example, local disable a user account for raj user:
# usermod -L -e 1 raj
When raj try to login he will greeted with the following message on screen

Your account has expired; please contact your system administrator

However, ssh client will not show any message:
$ ssh raj@server1.cyberciti.biz
Sample outputs:

raj@server1.cyberciti.biz's password: 
Permission denied, please try again.
raj@server1.cyberciti.biz's password: 
Permission denied, please try again.
raj@server1.cyberciti.biz's password: 
Permission denied (publickey,password).

You will see the following log entry in /var/log/secure or /var/log/auth.log file:

Dec  2 02:01:02 wks01 sshd[32285]: Failed password for raj from 192.168.1.100 port 34171 ssh2
Dec  2 02:01:07 wks01 sshd[32285]: Failed password for raj from 192.168.1.100 port 34171 ssh2
Dec  2 02:01:10 wks01 sshd[32285]: Failed password for raj from 192.168.1.100 port 34171 ssh2

Use chage command to see current status of the user account:
# chage -l raj
Sample outputs:

Last password change					: Dec 01, 2012
Password expires					: never
Password inactive					: never
Account expires						: Jan 02, 1970
Minimum number of days between password change		: 0
Maximum number of days between password change		: 99999
Number of days of warning before password expires	: 7

See also

• Help: Old Employees Accessing The Linux Server
• man pages chage, passwd, usermod, and useradd