How to completely disable a RHEL user account

Solution Verified - Updated -

Issue

  • We would like to know the correct way to disable all remote access to an account. Clearly, "passwd -l" (and by the same token, "usermod -L") is insufficient because that will not disallow authentication by SSH public keys (or other PAM modules other than pam_unix that may be enabled).
    Additionally, changing the shell to /bin/false or /sbin/nologin is unsatisfactory to us since this only affects interactive logins.

Environment

  • Red Hat Enterprise Linux

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content