- We would like to know the correct way to disable all remote access to an account. Clearly, "
passwd -l" (and by the same token, "
usermod -L") is insufficient because that will not disallow authentication by SSH public keys (or other PAM modules other than pam_unix that may be enabled).
Additionally, changing the shell to
/sbin/nologinis unsatisfactory to us since this only affects interactive logins.
- Red Hat Enterprise Linux
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.