How to Lock User in Linux How would you lock a client account in Linux? Significantly more critically, how would you open the client in Linux? Learn different methods of securing and opening clients Linux order line.
3 different ways to bolt and open client accounts in Linux
There could be various reasons why you would need to cripple a client in your multi-client Linux condition.
Maybe a worker left the association and as opposed to erasing the client through and through, lock the record for chronicled reason.
In this instructional exercise, I’ll give you three different ways to secure a client Linux order line. I’ll additionally examine how to open the client.
Strategy 1: Lock and open clients with passwd order
The passwd order in Linux manages passwords of a client account. You can likewise utilize this order to bolt a client account.
The order fundamentally deals with the/and so forth/passwd record. You may physically adjust this document yet I prompt against it.
To bolt a client with the passwd order, you can utilize the choice – l or – lock thusly:
passwd – l user_name
Confirm the status of a client with passwd order
You can realize whether a client is bolted or opened utilizing the choice – S or – status of passwd order.
passwd – S user_name
Take a gander at the second field in the yield. This is what it implies:
– P or PS: secret key is set (client is opened)
– L or LK: User is bolted
– N or NP: No secret key is required by the client
Here’s an example yield of the passwd order:
standard P 10/14/2019 0 99999 7 – 1
To open the client with passwd order, you can utilize the choice – u or – open:
passwd – u user_name
On Ubuntu, you’ll see a yield like this for both bolting and opening the client:
passwd: secret phrase expiry data changed
Shouldn’t something be said about login through SSH?
There is a significant issue with locking clients thusly. Since it just works with the/and so forth/passwd record, the bolted client will at present have the option to sign in through SSH keys (if login by means of SSH key is set). I’ll tell you the best way to manage it in the following segment.
Strategy 2: Lock and open clients with usermod order
You can likewise utilize the usermod order. The order is fundamentally utilized for altering client accounts in Linux.
You can likewise adjust the condition of a client by locking or opening with usermod.
To bolt the client, you can utilize the – L alternative as such:
usermod – L user_name
To open the client, you can utilize the – U alternative:
usermod – U user_name
How would you confirm if the client is bolted or not? The usermod order additionally chips away at the/and so forth/passwd record so you can utilize the passwd – S user_name order to check the status of the client.
In any case, usermod additionally works with the/and so forth/passwd document so this implies the bolted client might at present login through SSH keys, isn’t that so?
Believe it or not. In any case, there are approaches to beat this issue.
For instance, you can change the shell of the client to nologin and this won’t permit the client to login to a shell.
Another strategy is to bolt the client and give a terminated date before. What it does is that it impairs the record on a past date and afterward bolts it.
Ensure that the previous date is between 1970-01-02 and the current date.
usermod – L – expiredate 1970-01-02 user_name
You can switch it with this order:
usermod – U – expiredate ” user_name
There is a comparable method to secure the client Linux with chage order. How about we see it in the following area.
Strategy 3: Lock and open clients with chage order
The chage order is utilized for changing the client secret word expiry data.
It tends to be utilized to consequently bolt an inert client after certain number of long stretches of idleness.
Essentially what you did with the user mod order in the past segment can be accomplished with chage order this way:
chage – E 1 username
Fundamentally, you have set the terminated date to 1970-01-02. You can see the subtleties like this:
chage – E – 1 username
At long last…
As usual, there are different approaches to achieve an errand in Linux order line.
I have appeared here three strategies to secure and open clients Linux.
Do you know a superior way or do you have some accepted procedures proposal for locking clients? Do share it in the remark segment.