Refuse remote Login terminal to non-root users on Linux February 23, 2011Posted by Tournas Dimitrios in Linux.
This article will just present some quick ways to discard remote log-in attempts . Although Linux maintenance can be done on “runlevel 1” (for RedHat based systems) , it is sometimes convenient to have a graphical environment without other users loged-in , and perform our tasks .
- The /sbin/nologin command politely refuse a login. It displays a message that an account is not available and exits non-zero. This is prefered method these days to deny login access to account. You can use it as follows:
usermod -s /sbin/nologin userName
- Lock an user out (temporarily)
passwd -l userName —->lock
passwd -u userName —->unlock
- The /bin/false is old method which does nothing and always return unsuccessful code. You can use it as follows to deny login access to existing user:
usermod -s /bin/false userName
- Create a /etc/nologin file . This is used when you need to deny login access to all users except root account. Just create /etc/nologin file and you are done:
Reboot the computer for the changes to take place .