jump to navigation

Refuse remote Login terminal to non-root users on Linux February 23, 2011

Posted by Tournas Dimitrios in Linux.
trackback

This article will just present some quick ways to discard remote log-in attempts . Although Linux maintenance can be done on “runlevel 1” (for RedHat based systems) , it is sometimes convenient to have a graphical environment without other users loged-in , and perform our tasks .

  • The /sbin/nologin command politely refuse a login. It displays a message that an account is not available and exits non-zero. This is prefered method these days to deny login access to account. You can use it as follows:
    usermod -s /sbin/nologin userName
  • Lock an user out (temporarily)
    passwd -l userName —->lock
    passwd -u userName —->unlock
  • The /bin/false is old method which does nothing and always return unsuccessful code. You can use it as follows to deny login access to existing user:
    usermod -s /bin/false userName
  • Create a /etc/nologin file . This is used when you need to deny login access to all users except root account. Just create /etc/nologin file and you are done:
    touch /etc/nologin

Reboot the computer for the changes to take place .

Comments»

1. Hardening Linux by Disabling SSH Password Authentication (allow only RSA) « Tournas Dimitrios - January 4, 2013

[…] Refuse remote Login terminal to non-root users on Linux […]


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s