Linux: Force Users To Change Their Passwords Upon First Login

How can I force my Linux users to change their passwords upon the first login under CentOS / Debian Linux? How do I make sure a user must change their password at next logon on a Linux server?
Q. I’ve recently changed an email user account password using the passwd command, for one of my Postfix email servers, which requires SMTP authentication before sending an email. Now the following error is logged into my /var/log/maillog file:

ERROR: Password not accepted from server: 535 5.7.0 Error: authentication failed: authentication failure

How do I solve this problem under Red Hat Enterprise Linux running Postfix with SASL authentication?
Linux deny or block user login

Q. How do I deny or block user login for user id tom? I’m using CentOS 5 Linux server OS.

A. You need to use the passwd command.

Deny user login by locking out account

Pass the -l option to the passwd command. It locks the specified account and is available to root only. Locking works by prefixing the encrypted password with a !, which renders it an invalid string.


passwd -l {username}

Unlock account or allow login

To allow login again, use the passwd command as follows:
passwd -u {username}

This is the reverse of the -l option: it unlocks the account password by removing the ! prefix.

/sbin/nologin shell

/sbin/nologin displays a message that an account is not available and exits non-zero. It is intended as a replacement for the shell field of accounts that have been disabled or whose login is blocked.

Example: Deny login for tom user

Type the command as follows (log in as the root user):
# passwd -l tom
You can also change the shell to /sbin/nologin:
# usermod -s /sbin/nologin tom

Example: Allow login for tom user

Type the command as follows (log in as the root user):
# passwd -u tom
You may also need to change the shell back from /sbin/nologin to /bin/bash:
# usermod -s /bin/bash tom

For more information and other options, read the passwd command man page.
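
To check which of the two blocks described above (locked password, nologin shell) is actually in effect for an account, the following added example (not part of the original article) classifies users from passwd- and shadow-format files. The function name account_state, the sample users other than tom, and the sample file contents are constructed for illustration; on a real server you would pass /etc/passwd and /etc/shadow as root.

```shell
#!/bin/sh
# Added example: report how an account is blocked, using passwd- and
# shadow-format files. The sample entries below are constructed.

# account_state USER PASSWD_FILE SHADOW_FILE  (hypothetical helper)
# Prints: locked+nologin | locked | nologin | open | unknown
account_state() {
    user=$1
    # passwd field 7 is the login shell; shadow field 2 is the password hash.
    shell=$(awk -F: -v u="$user" '$1 == u { print $7 }' "$2")
    hash=$(awk -F: -v u="$user" '$1 == u { print $2 }' "$3")
    if [ -z "$shell" ]; then echo unknown; return 1; fi
    state=
    # passwd -l marks a locked password by prefixing the hash with "!".
    case $hash in '!'*) state=locked ;; esac
    # usermod -s /sbin/nologin (the path is /usr/sbin/nologin on some distros).
    case $shell in
        */nologin) state=${state:+$state+}nologin ;;
    esac
    echo "${state:-open}"
}

# Constructed sample data, written to a temporary directory.
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT

cat > "$SAMPLE_DIR/passwd" <<'EOF'
tom:x:1001:1001::/home/tom:/sbin/nologin
jerry:x:1002:1002::/home/jerry:/bin/bash
spike:x:1003:1003::/home/spike:/sbin/nologin
butch:x:1004:1004::/home/butch:/bin/bash
EOF

cat > "$SAMPLE_DIR/shadow" <<'EOF'
tom:!$6$SALT$CONSTRUCTEDHASH:19000:0:99999:7:::
jerry:!$6$SALT$CONSTRUCTEDHASH:19000:0:99999:7:::
spike:$6$SALT$CONSTRUCTEDHASH:19000:0:99999:7:::
butch:$6$SALT$CONSTRUCTEDHASH:19000:0:99999:7:::
EOF

# Print one line per sample user with its state.
for u in tom jerry spike butch; do
    printf '%-6s %s\n' "$u" \
        "$(account_state "$u" "$SAMPLE_DIR/passwd" "$SAMPLE_DIR/shadow")"
done
```

An account reported as locked only (jerry in the sample) still has a working login shell; the passwd man page notes that a locked password does not stop logins through another authentication token such as an SSH key, which is why the article pairs passwd -l with the nologin shell.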