document updated 10 years ago, on Jul 20, 2012
There are various ways to lock a user account in Un*x:
add ! to password field in /etc/shadow
Use passwd -l to lock, and passwd -u to unlock.
"Note that this does not disable the account. The user may still be able to login using another authentication token (e.g. an SSH key). To disable the account, administrators should use usermod --expiredate 1"
clear their password field
expire their account
usermod -e 1
chage -E 1
change their shell to /bin/nologin or /bin/false
usermod -s /bin/nologin
In the file 'sshd_config' (perhaps located at /etc/ssh/sshd_config), there are four options you can use:
view current settings
You can view what the current status of someone's account is via:
chage -l <username>
passwd -S <username>