How To Disable or Lock Linux User Account? – POFTUT

How To Disable or Lock Linux User Account?

How can I disable some Linux account? By disabling it I do not want to remove the account and related files. Just user related operations will be prevented. If an user authentication occurs it will be not authenticated. We will use usermod command to lock user account.

Disable/Lock User Account with usermod Command

We will disable account with the following code.

  • usermod will change user account related attributes and information.
  • -L will lock given account and put ! in the user passwords database before encrypted password.
  • -e 1 will set expire date from 1/1/1970

Disable/Lock User Account with chage Command

chage command is use to set user account expiration time for password. If we set previous than the current date the given account will be locked automatically. We provide the date in YYYY-MM-DD format. In this example we will lock user ismail.

Disable/Lock User Account with passwd Command

We can also use passwd command in order to lock given user account. We will provide -l option which means lock. In this example we will lock user ismail

Disable/Lock User Account From /etc/shadow

/etc/shadow file stores the user password in encrypted format. If ! is added before hash value of the user password the user account will be disabled or locked. As an example we can lock user test with the following line. Attention to the ! at the begging of the password hash value.

Disable/Lock User Account From /etc/passwd

/etc/passwd file also store information about the user. An user account can be also locked from this file in two different ways.

Disable User Login with nologin

We can disable an user account login from the /etc/passwd file at the end of line like /bin/bash which specifies the user shell. We will change to the /bin/nologin which is not a login shell.

Disable User Login with nologin

Disable User Login with nologin

Adding ! After Username

Another way is adding ! after username and before x like below.

Unlock/Enable User

After some time we may need to enable or unlock given user account there are different ways to unlock an user account. Here some of them with chage and passwd command.

Check User Lock Configuration

We will check the status of this account from configuration file. Is the account disabled?

We can also check the user configuration whether it is locked or not with the chage command like below.

Leave a Reply

Your email address will not be published. Required fields are marked *

Enjoy this blog? Please spread the word :)