How to completely disable a RHEL user account

Solution Verified - Updated -

Issue

  • We would like to know the correct way to disable all remote access to an account. Clearly, "passwd -l" (and by the same token, "usermod -L") is insufficient because that will not disallow authentication by SSH public keys (or other PAM modules other than pam_unix that may be enabled).
    Additionally, changing the shell to /bin/false or /sbin/nologin is unsatisfactory to us since this only affects interactive logins.

Environment

  • Red Hat Enterprise Linux

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In