Instead of deleting accounts, we could make them temporarily "unusable" by running the below command:
To unlock an account, we use the below command:
An alternative way is to prevent an account from logging into a system is to assign the path "/sbin/nologin" or "/usr/sbin/nologin" to the user's shell depending on the Linux distribution we are using.
To display the last logins of a system, we use the below command:
We could also use the below command:
To display the failed attempts, we use the below command:
We could have more details about logins and authentication logs in the below files:
. . . . .
The location may vary depending on the Linux distribution.
The /etc/securetty file:
The "/etc/securetty" file tells the system in which terminals the root user is allowed to login. If we have only:
The root is only allowed to login on the first terminal.
Disabling ssh root logins:
We could achieve that by modifying the below a parameter in the "sshd" configuration file "/etc/ssh/sshd_config":
Then we tell "sshd" to read - reload - its configuration file using the below command:
Deleting accounts and their attached files:
To delete an account and its related files, we start by determining the user UID using the below command:
Then we delete the account and its home directory using the below command:
The above command doesn't delete the other files that the user owns and have created.