MDLog:/sysadmin

The Journal Of A Linux Sysadmin

HowTo Disable a User Account in Linux

| Comments

This short howto will show how to disable a user account under linux. This might be useful in the situation where you don’t want to permanently remove the user, but you just want it disabled and no longer able to use the system. The user will still receive emails for example, but he will not be able to login and check them out.

Modern linux systems use /etc/shadow to store the encrypted user passwords. The quickest way to disable a user is to alter is password stored in /etc/shadow. Normally an active user account will have one line in /etc/shadow that will look like:

1
user:$1$eFd7EIOg$EeCk6XgKktWSUgi2pGUpk.:13852:0:99999:7:::

where the second field is the encrypted password.

If we replace the password with *” or “!” this will make the account unusable, and it will mean that no login is permitted for the user:

1
user:*:13852:0:99999:7:::

This method has the disadvantage that the user password will be lost (unless saved somewhere, etc.) in the case we will want to re-enable it again later. From this point of view a much better method is to use the passwd command to lock the account:

1
passwd <username> -l

and the output of the successful change will be “Password changed.”. This actually just changes the shadow file and adds “!” in front of the user password:

1
user:!$1$eFd7EIOg$EeCk6XgKktWSUgi2pGUpk.:13852:0:99999:7:::

Of course we could do this manually ourselves also if we want ;–).

If you will ever need to re-enable the account just unlock it:

1
passwd <username> -u

or just remove manually the “!” character from the user’s password line in /etc/shadow.

Of course if you don’t need all this stuff and you just want to permanently remove the user just run:

1
userdel <username>

this will keep his old files (home directory, mails, etc.) or to delete all his files on the system:

1
userdel -r <username>

just be careful what is the home of the user before running this command as personally I have seen someone do this and erasing all the system… the user had set as home “/” ;–).

Comments