Wednesday, May 1, 2013

Lock & Unlock a User Account in Linux


To Lock a user account 
$ sudo passwd -l username

To UnLock a user account
$ sudo passwd -u username

 Root can log into locked account using su - username but can't log in using ssh.
Other users can't log into locked account using su - username as well as ssh.

 The message is displayed when users try to access the locked account.
su: Authentication failure
Author : Pavitr Kanetkar | No comments:
Labels: , ,

Disable and Enable users in Linux

Disable and Enable a user account in Linux :
 
Prevent user to access account / Prevent user to reach on shell prompt :

 If you want to disable a user account in Linux, follow these steps.

 if it is debian or ubuntu :
$ sudo usermod -s /usr/sbin/nologin username
if it is centos or fedora :
$ sudo usermod -s /sbin/nologin username

 When you try to access disabled account, it says
This account is currently not available

 Second Method : 
a) Open file /etc/passwd and search your username there.
b) If a line ends with /bin/bash, it means user can log in.
c) Change the text  /bin/bash  into /sbin/nologin (centos or fedora) or /usr/sbin/nologin (debian or ubuntufor your username.
d) Save the file. Now User will not be able to log-in.
Enable a User Account
Allow user to access account / Allow user to reach on shell prompt :

If you want to enable a user account in Linux, Run the command.
$ sudo chsh -s /bin/bash username

Second Method : 
a) Open file /etc/passwd and search your username there.
b) If a line ends with /sbin/nologin (centos or fedora) or /usr/sbin/nologin (debian or ubuntu), it means user can not log in.
c) Change the text /sbin/nologin (centos or fedora) or /usr/sbin/nologin (debian or ubuntuinto  /bin/bash  for your username.
d) Save the file. Now User will be able to log-in.

You can see the solution in the following video.



Author : Pavitr Kanetkar | No comments:
Labels: , ,

Saturday, April 27, 2013

Disable ftp account of a specific user

If you want to disable ftp account of any user, you should follow these steps.

 The process does not prevent user to log into shell prompt. User can log into shell prompt as well as execute the commands but he can't use ftp services.

 If you are using debian or ubuntu. Run following command.
$ echo username >> /etc/ftpusers
If you are using centos or fedora. Run following command.
$ echo username >> /etc/vsftpd/ftpusers
The user will not be able to access ftp account.

 If you do not want to use command line. Open file /etc/ftpusers or /etc/vsftpd/ftpusers (according to your distribution) and add username in the list.
To Allow access :
Just remove the username from the file ftpusers.
Restart vsftpd.
Enable ftp account of root

By Default, root is not able to access ftp because it's name in the list of /etc/ftpusers or /etc/vsftpd/ftpusers
Remove root from the list.
Restart vsftpd.
root will be able to log-in using ftp.

If you are using CentOS, fedora or RHEL and still you are not able to log in as root in your ftp server.
Add following line in the file vsftpd.conf
userlist_deny=YES
Remove user root fin the file /etc/vsftpd/user_list and restart vsftpd.
root should be able to log-in using ftp.
Author : Pavitr Kanetkar | No comments:
Labels: , , , , ,