You need to use the usermod command to lock and disable user account. The -L option lock user’s password by putting a ! in from of the the encrypted password. To disable user account set expire date to one or 1970-01-01.
| Tutorial details | |
|---|---|
| Difficulty | Easy (rss) |
| Root privileges | Yes |
| Requirements | Linux |
| Time | N/A |
ADVERTISEMENTS
Syntax
The syntax is:
usermod -L -e 1 {user}
usermod -L -e 1970-01-01 {user}
Example
In this example, local disable a user account for raj user:
# usermod -L -e 1 raj
When raj try to login he will greeted with the following message on screen
Your account has expired; please contact your system administrator
However, ssh client will not show any message:
$ ssh raj@server1.cyberciti.biz
Sample outputs:
raj@server1.cyberciti.biz's password: Permission denied, please try again. raj@server1.cyberciti.biz's password: Permission denied, please try again. raj@server1.cyberciti.biz's password: Permission denied (publickey,password).
You will see the following log entry in /var/log/secure or /var/log/auth.log file:
Dec 2 02:01:02 wks01 sshd[32285]: Failed password for raj from 192.168.1.100 port 34171 ssh2 Dec 2 02:01:07 wks01 sshd[32285]: Failed password for raj from 192.168.1.100 port 34171 ssh2 Dec 2 02:01:10 wks01 sshd[32285]: Failed password for raj from 192.168.1.100 port 34171 ssh2
Use chage command to see current status of the user account:
# chage -l raj
Sample outputs:
Last password change : Dec 01, 2012 Password expires : never Password inactive : never Account expires : Jan 02, 1970 Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7
See also
- Help: Old Employees Accessing The Linux Server
- man pages chage, passwd, usermod, and useradd
🐧 If you liked this page, please support my work on Patreon or with a donation.
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
- RSS feed or Weekly email newsletter
- Share on Twitter • Facebook • 3 comments... add one ↓
UP NEXT
Linux Check User Password Expiration Date and Time
OpnBSD PPTP Client: Install and Create a VPN
How to Create a new user account in CentOS 7/8
Systemd systemctl list all failed units/services on Linux
Linux / Unix: last Command Examples
Understanding /etc/shadow file
How to add days to date and get new date on Linux
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
Hi,
thank you
hi,
when I type into root # usermod -L -e 1 raj this command and press f2 to log into the user Smith it still allows me to log into his account. I’m trying to disable the user account.
please help!
usermod -L -e 1 raj is the example you should replace raj with your users account name exactly as it appears since it is case sensitive.
EX.
username is Smith
command should be : usermod -L -e 1 Smith