Linux 101: Accounts security - Locking accounts, Accounts logs, ...



Locking unused accounts:

Instead of deleting accounts, we could make them temporarily "unusable" by running the below command:


To unlock an account, we use the below command:


An alternative way to prevent an account from logging into a system is to assign the path "/sbin/nologin" or "/usr/sbin/nologin" as the user's shell, depending on the Linux distribution we are using.
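The two mechanisms above are independent, so it helps to check them together. The script below is an added example, not part of the original post: it joins passwd(5)- and shadow(5)-format files and flags accounts whose password is locked but whose shell is still interactive. The function names and the sample accounts and hashes are constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads passwd(5)/shadow(5)-format files; defaults are the live
# files (reading /etc/shadow needs root).

# Print "user<TAB>password_state<TAB>shell_state" for every account.
# password_state: locked (field starts with "!" or "*"), empty, set, unknown
# shell_state:    nologin (shell ends in /nologin or /false), interactive
account_states() {
    awk -F: '
        NR == FNR { hash[$1] = $2; seen[$1] = 1; next }   # 1st file: shadow
        {                                                  # 2nd file: passwd
            if (!($1 in seen))           pw = "unknown"
            else if (hash[$1] ~ /^[!*]/) pw = "locked"
            else if (hash[$1] == "")     pw = "empty"
            else                         pw = "set"
            sh = ($7 ~ /\/(nologin|false)$/) ? "nologin" : "interactive"
            printf "%s\t%s\t%s\n", $1, pw, sh
        }
    ' "${2:-/etc/shadow}" "${1:-/etc/passwd}"
}

# Accounts with a locked password but an interactive shell: the lock only
# blocks password logins, so other login methods (e.g. SSH keys) may still work.
locked_but_interactive() {
    account_states "$@" | awk -F'\t' '$2 == "locked" && $3 == "interactive" { print $1 }'
}

# Constructed sample data (not real accounts or hashes), written into dir $1.
write_sample() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
carol:x:1002:1002::/home/carol:/usr/sbin/nologin
daemon:x:1:1::/usr/sbin:/sbin/nologin
EOF
    cat > "$1/shadow" <<'EOF'
root:$6$CONSTRUCTED$roothash:19000:0:99999:7:::
alice:$6$CONSTRUCTED$alicehash:19000:0:99999:7:::
bob:!$6$CONSTRUCTED$bobhash:19000:0:99999:7:::
carol:$6$CONSTRUCTED$carolhash:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
EOF
}

demo_dir=$(mktemp -d)
write_sample "$demo_dir"
account_states "$demo_dir/passwd" "$demo_dir/shadow"
rm -rf "$demo_dir"
```

On the sample data only "bob" is reported by locked_but_interactive: his password is locked, but his shell is still "/bin/bash".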


To display the last logins of a system, we use the below command:


We could also use the below command:


To display the failed attempts, we use the below command:


We could have more details about logins and authentication logs in the below files:
  • /var/log/messages
  • /var/log/secure
  • /var/log/syslog
  • . . . . .
The location may vary depending on the Linux distribution.

The /etc/securetty file:

The "/etc/securetty" file tells the system on which terminals the root user is allowed to log in.
If we have only:


Root is only allowed to log in on the first terminal.

Disabling ssh root logins:


We could achieve that by modifying the below parameter in the "sshd" configuration file "/etc/ssh/sshd_config":


Then we tell "sshd" to read (reload) its configuration file using the below command:


Deleting accounts and their attached files:

To delete an account and its related files, we start by determining the user UID using the below command:


Then we delete the account and its home directory using the below command:


The above command doesn't delete the other files that the user owns and has created.
To find these files, we use the below command:
