Shulou(Shulou.com)06/01 Report--

Editor to share with you how to lock and unlock user accounts in Linux. I hope you will gain something after reading this article. Let's discuss it together.

If you have implemented some kind of password policy in your organization, you don't need to read this article. But in this case, if you set a 24-hour lock period for your account, you need to unlock the user account manually.

This tutorial will help you manually lock and unlock user accounts in Linux.

This can be done in three ways using the following two Linux commands.

Passwd

Usermod

To illustrate this point, we chose the daygeek user account. Let's see how it can be achieved step by step.

Please note that you must use the account of the user you need to lock or unlock, not our account. You can use the id command to check whether a given user account is available in the system. Yes, my account is available in my system.

# id daygeekuid=2240 (daygeek) gid=2243 (daygeek) groups=2243 (daygeek), 2244 (ladmin)

Method 1: how do I use the passwd command to lock, unlock, and check the status of a given user account in Linux?

The passwd command is one of the commands frequently used by Linux administrators. It is used to update the user's authentication token in the / etc/shadow file.

Use the-l switch to run the passwd command to lock out the given user account.

# passwd-l daygeekLocking password for user daygeek.passwd: Success

You can check the locked account status through the passwd command or by getting a given user name from the / etc/shadow file.

Use the passwd command to check the user account lockout status.

# passwd-S daygeek or # passwd-- status daygeek

Daygeek LK 2019-05-30 7 90 7-1 (Password locked.)

This outputs short information about the password status of a given account.

LK

NP

PS

Use the / etc/shadow file to check the status of locked user accounts. If the account is locked, the password will be preceded by two exclamation marks.

# grep daygeek / EtcUnip shadowdaygeekGrane 6$ tGvVUhEY$PIkpI43HPaEoRrNJSRpM3H0YWOsqTqXCxtER6rak5PMaAoyQohrXNB0YoFCmAuh506n8XOvBBldvMy9trmIV00

: 18047:7:90:7:::

Use the-u switch to run the passwd command to unlock a given user account.

# passwd-u daygeekUnlocking password for user daygeek.passwd: Success

Method 2: how do I use the usermod command to lock, unlock, and check the status of a given user account in Linux?

The usermod command is also frequently used by Linux administrators. The usermod command is used to modify / update account information for a given user. It is used to add users to specific groups, and so on.

Use the-L switch to run the usermod command to lock the given user account.

# usermod-lock daygeek or # usermod-L daygeek

You can check the locked account status through the passwd command or by getting a given user name from the / etc/shadow file.

Use the passwd command to check the user account lockout status.

# passwd-S daygeek or # passwd-- status daygeekdaygeek LK 2019-05-30 7 90 7-1 (Password locked.)

This outputs short information about the password status of a given account.

LK

NP

PS

Use the / etc/shadow file to check the status of locked user accounts. If the account is locked, the password will be preceded by two exclamation marks.

# grep daygeek / EtcUnip shadowdaygeekGrane 6$ tGvVUhEY$PIkpI43HPaEoRrNJSRpM3H0YWOsqTqXCxtER6rak5PMaAoyQohrXNB0YoFCmAuh506n8XOvBBldvMy9trmIV00

: 18047:7:90:7:::

Use the-U switch to run the usermod command to unlock the given user account.

# usermod-unlock daygeek or # usermod-U daygeek

Method-3: how do I use the usermod command in Linux to disable and enable SSH access to a given user account?

The usermod command is also a command often used by Linux administrators. The usermod command is used to modify / update account information for a given user. It is used to add users to specific groups, and so on.

Instead, locking can be done by assigning nologin shell to a given user. To do this, you can run the following command.

# usermod-s / sbin/nologin daygeek

You can check the locked user account details by giving a user name from the / etc/passwd file.

# grep daygeek / etc/passwddaygeek:x:2240:2243::/home/daygeek:/sbin/nologin

We can enable ssh access for users by assigning back to the original shell.

# usermod-s / bin/bash daygeek

How do I use shell scripts to lock, unlock, and check the status of multiple user accounts in Linux?

If you want to lock / unlock multiple accounts, you need to find a script.

Yes, we can write a small shell script to do this. To do this, use the following shell script.

Create a list of users. Each user information is on a separate line.

$cat user-lists.txt

U1

U2

U3

U4

U5

Use the following shell script to lock out multiple user accounts in Linux.

# userMushlock.shrolock.shrunchandbinapash bash for user in `cat user- lists.txt`do passwd-l $userdone

Set the user-lock.sh file to executable permissions.

# chmod + user-lock.sh

Finally, run the script to achieve the goal.

# sh user-lock.sh

Locking password for user u1.passwd: SuccessLocking password for user u2.passwd: SuccessLocking password for user u3.passwd: SuccessLocking password for user u4.passwd: SuccessLocking password for user u5.passwd: Success

Use the following shell script to check locked user accounts.

# vi usercopyright lockhouse status.shroud userdone. Binram bash for user in `Userlock lists.txt`do passwd-S $userdone

Set user-lock-status.sh executable permissions.

# chmod + user-lock-status.sh

Finally, run the script to achieve the goal.

# sh user-lock-status.shu1 LK 2019-06-100 99999 7-1 (Password locked.) U2 LK 2019-06-100 99999 7-1 (Password locked.) U3 LK 2019-06-100 99999 7-1 (Password locked.) U4 LK 2019-06-100 99999 7-1 (Password locked.) U5 LK 2019-06-100 99999 7-1 (Password locked.)

Use the following shell script to unlock multiple users.

# userMushunlock.shrunkandbinram bash for user in `cat user- lists.txt`do passwd-u $userdone

Set user-unlock.sh executable permissions.

# chmod + user-unlock.sh

Finally, run the script to achieve the goal.

# sh user-unlock.shUnlocking password for user u1.passwd: SuccessUnlocking password for user u2.passwd: SuccessUnlocking password for user u3.passwd: SuccessUnlocking password for user u4.passwd: SuccessUnlocking password for user u5.passwd: Success

Run the same shell script user-lock-status.sh to check that these locked user accounts are unlocked in Linux.

# sh user-lock-status.shu1 PS 2019-06-100 99999 7-1 (Password set, SHA512 crypt.) U2 PS 2019-06-100 99999 7-1 (Password set, SHA512 crypt.) U3 PS 2019-06-100 99999 7-1 (Password set, SHA512 crypt.) U4 PS 2019-06-100 99999 7-1 (Password set, SHA512 crypt.) U5 PS 2019-06-100 99999 7-1 (Password set, SHA512 crypt.) After reading this article, I believe you have a certain understanding of "how to lock and unlock user accounts in Linux". If you want to know more about it, welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.