Disable remote login for particular user?

cehgopal · 02-25-2011, 01:57 PM

i want to disable the remote login for particular user id in linux server. can you please on this ASAP.

Thanks

EricTRA · 02-25-2011, 01:58 PM

Hello and Welcome to LinuxQuestions,

It's only urgent to you, not to us. We're all here in our free time helping out others. ASAP and urgent is considered pretty rude on LQ. That being said, have a look at

Code:

man usermod

Kind regards,

Eric

acid_kewpie · 02-25-2011, 01:59 PM

this is not """urgent"""" for anyone here, please do not demand ""urgent" attention, especially if you are going to provide so little useful information. What kind of remote login are you even talking about?

wpeckham · 02-25-2011, 03:49 PM

usermod -L user
where 'user' is the account name to lock.

This will prevent anything that depends upon PAM to allow a logon. If you have ssh configured NOT to use PAM, I am not sure if that would bypass this.

You REALLY DO need to supply enough information the first time if you want an adequate answer the first time. I hope we have helped.

acid_kewpie · 02-25-2011, 04:04 PM

Quote:

Originally Posted by wpeckham

usermod -L user
where 'user' is the account name to lock.

This will prevent anything that depends upon PAM to allow a logon. If you have ssh configured NOT to use PAM, I am not sure if that would bypass this.

You REALLY DO need to supply enough information the first time if you want an adequate answer the first time. I hope we have helped.

But this will affect the password string in shadow, so will affect *ALL* password authenticated logins, not just "remote" ones, whatever that means.

unSpawn · 02-25-2011, 04:28 PM

//Thread title changed to a more appropriate one.

cehgopal · 03-03-2011, 10:04 AM

My requirement is to disable the remote login for application ids so that, the id should be only login as application environment and su - appid.
Advance thanks
Gopal

siranjeevi · 03-03-2011, 01:48 PM

Hi,

You can diable by changing the /etc/passwd file for the user from

Quote:

user::500:500::/home/user:/bin/bash

Quote:

user::500:500::/home/user:/bin/false

helpinlinux.com

siranjeevi · 03-03-2011, 02:00 PM

Quote:

Originally Posted by siranjeevi

Hi,

You can diable by changing the /etc/passwd file for the user from

helpinlinux.com

You can also change that file from

Code:

user::500:500::/home/user:/bin/bash

to

Code:

user::500:500::/home/user:/bin/nologin

Reuti · 03-03-2011, 02:08 PM

When an su should be allowed, changing /etc/passwd doesn't lead to the intended setup AFAICS. I would suggest to put DenyUsers foobar in /etc/ssh/sshd_config and restart sshd.

acid_kewpie · 03-05-2011, 02:01 AM

Quote:

Originally Posted by Reuti

When an su should be allowed, changing /etc/passwd doesn't lead to the intended setup AFAICS. I would suggest to put DenyUsers foobar in /etc/ssh/sshd_config and restart sshd.

Well this doesn't answer the question either, does it? They asked about remote logins, not ssh remote logins. As such, I personally prefer using /etc/security/access.conf to allow multiple services to be configured at a single point for user access.

ravikiran189 · 03-07-2011, 04:38 AM

hope this helps you to some extent

http://www.samlesher.com/ubuntu/ubun...e-command-line