Deny user login by locking out account
Pass -l option to
passwd command. It is used to lock the specified account and it is available to
root only. The locking is performed by rendering the encrypted password into an
invalid string and by prefixing the encrypted string with an !.
Syntax
passwd -l {username}
passwd -l rajesh
Unlock account or allow login
To allow login
use passwd command as follows:
passwd -u {username}
Passwd -u rajesh
This is the
reverse of the -l option - it will unlock the account password by removing the
! prefix.
/sbin/nologin shell
/sbin/nologin
displays a message that an account is not available and exits non-zero. It is
intended as a replacement shell field for accounts that have been disabled or
login is blocked.
Example: Deny login for rajesh user
Type the command
as follows (login as root user):
# passwd -l rajesh
# passwd -l rajesh
or
You can also change shell to /sbin/nologin:
# usermod -s /sbin/nologin rajesh
You can also change shell to /sbin/nologin:
# usermod -s /sbin/nologin rajesh
Example: Allog login for rajesh user
Type the command
as follows (login as root user):
# passwd -u rajesh
# passwd -u rajesh
or
You can also need change back shell from /sbin/nologin to /bin/bash:
# usermod -s /bin/bash rajesh
You can also need change back shell from /sbin/nologin to /bin/bash:
# usermod -s /bin/bash rajesh