Date: Tue, 05 Apr 2005 19:20:40 -0400 From: Bob Ababurko <ababurko@adelphia.net> To: Ean Kingston <ean@hedron.org> Cc: freebsd-questions@freebsd.org Subject: Re: suspending login Message-ID: <42531D48.4080506@adelphia.net> In-Reply-To: <200504051850.33281.ean@hedron.org> References: <42531440.30103@adelphia.net> <200504051850.33281.ean@hedron.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Ean Kingston wrote: > On April 5, 2005 06:42 pm, Bob Ababurko wrote: > >>Hello all- >> >>I am trying to figure out how to suspend a login for a user. Do I have >>to do this with password aging or is there an easier(read brute force) >>way to disallow a user from logging in? > > > the safest way is to set the shell to /sbin/nologin and the home directory > to /nonexistant in your auth system. The latter is especially needed if you > allow ssh for remote login since the public-key authentication mechanisms > sometimes bypass the normal login restrictions. > That is perfect...just what I was trying to do. I am used to solaris... where if my memory serves me, can lock a user account using the -l flag with the passwd command or comment them out in the passwd file. I still like freebsd way more though. thanks, Bob
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42531D48.4080506>