Linux 101 : Accounts security - Locking accounts, Accounts logs, ... -
Instead of deleting accounts, we could make them temporarily "unusable" by running the below command:
To unlock an account, we use the below command:
An alternative way is to prevent an account from logging into a system is to assign the path "/sbin/nologin" or "/usr/sbin/nologin" to the user's shell depending on the Linux distribution we are using.
To display the last logins of a system, we use the below command:
We could also use the below command:
We could have more details about logins and authentication logs in the below files:
- /var/log/messages
- /var/log/secure
- /var/log/syslog
- . . . . .
The /etc/securetty file:
The "/etc/securetty" file tells the system in which terminals the root user is allowed to login.
If we have only:
If we have only:
Disabling ssh root logins:
We could achieve that by modifying the below a parameter in the "sshd" configuration file "/etc/ssh/sshd_config":
Deleting accounts and their attached files:
To delete an account and its related files, we start by determining the user UID using the below command:
Then we delete the account and its home directory using the below command:
To find these files we use the bellow command:
Comments