document updated 12 years ago, on Jul 20, 2012
There are various ways to lock a user account in Un*x:
add ! to password field in /etc/shadow
Use passwd -l to lock, and passwd -u to unlock.
"Note that this does not disable the account. The user may still be able to login using another authentication token (e.g. an SSH key). To disable the account, administrators should use usermod --expiredate 1"
clear their password field
passwd -d
expire their account
usermod -e 1
chage -E 1
change their shell to /bin/nologin or /bin/false
usermod -s /bin/nologin
/etc/ssh/sshd_config
In the file 'sshd_config' (perhaps located at /etc/ssh/sshd_config), there are four options you can use:
view current settings
You can view what the current status of someone's account is via:
chage -l <username>
passwd -S <username>