How To Disable User Logon in Linux

On Linux, there are multiple ways to prevent users from logging on.

1. Modify the user configuration file/etc/shadow and set the second column to "*", as shown below. The user cannot log on. However, using this method will lead to the loss of the user's password, that is, when you allow him to log on again, you have to ask him to reset the password. [The method to enable this account again is to remove "*".]

Dduyoung: *: 14245: 0: 99999: 7 :::

2. Run The usermod command.
This method is simple, practical, and has no side effects.

Usermod-l dduyoung # Lock account dduyoung
Usermod-u dduyoung # unlock account dduyoung

3. Modify the shell Type
This method is more user-friendly, because you can not only Disable User Logon, but also tell him why you did so. As follows:

CHSH dduyoung-S/sbin/nologin # change the user's dduyoung Shell

###############
# Modify/etc/nologin.txt (create a new one ),
# Add a prompt to the banned user
###############

# The way to unban a user is to change shell to its original one.

4. prohibit all users from logging on
When you (if you are a system administrator) Don't want to log on to all users (for example, you want to maintain system upgrades or something), If you disable User Logon one by one in the above way, this will be very ...... Boring. It is also prone to errors. The following is a simple and effective method:

# Create a nologin document under the/etc directory
Touch/etc/nologin # If the file exists, all users (except root) on Linux cannot log on.
# In/etc/nologin (Note: This is not 3's nologin.txt !) Write something to tell users why they cannot log on
#################
CAT/etc/nologin
Am-Am system upgrade, all users are not allowed to log on!

# It's easy to unban an account. Just delete/etc/nologin!