Linux 101 : Accounts security - Locking accounts, Accounts logs, ... -

Locking unused accounts:

Instead of deleting accounts, we could make them temporarily "unusable" by running the below command:

To unlock an account, we use the below command:

An alternative way is to prevent an account from logging into a system is to assign the path "/sbin/nologin" or "/usr/sbin/nologin" to the user's shell depending on the Linux distribution we are using.

To display the last logins of a system, we use the below command:

We could also use the below command:

To display the failed attempts, we use the below command:

We could have more details about logins and authentication logs in the below files:
  • /var/log/messages
  • /var/log/secure
  • /var/log/syslog
  • . . . . .
The location may vary depending on the Linux distribution.

The /etc/securetty file:

The "/etc/securetty" file tells the system in which terminals the root user is allowed to login.
If we have only:

The root is only allowed to login on the first terminal.

Disabling ssh root logins:

We could achieve that by modifying the below a parameter in the "sshd" configuration file "/etc/ssh/sshd_config":

Then we tell "sshdto read - reload - its configuration file using the below command:

Deleting accounts and their attached files:

To delete an account and its related files, we start by determining the user UID using the below command:

Then we delete the account and its home directory using the below command:

The above command doesn't delete the other files that the user owns and have created. 
To find these files we use the bellow command:


Leave as a comment: