Beco grabbed a keyboard and wrote: > Dear userix, > > I have a server with lots of students accounts, and some professors and > admins. > > I wonder, what would be an easy way to freeze students access now, > stopping them from logging via SSH, and reinstating them on February? > > They are part of a "group" if that helps.
The way I've always done it if I've needed to remove someone's access
without removing their account has been to just set their login shell to
/bin/false. In many versions of Linux (including Debian), though,
there's /usr/sbin/nologin, which gives them a message saying the account
isn't available and then exits.
$ egrep davidg /etc/passwd
davidg:x:1000:100:David Guntner:/home/davidg:/bin/bash
That's me on my home system. See the last field? It sets the login
shell to /bin/bash. All you have to do is edit /etc/passwd and change
that last field for the person you want to deny to /usr/sbin/nologin (if
you want them to get a message) or /bin/false (if you want it to just
silently deny them) and you're all set.
--Dave
signature.asc
Description: OpenPGP digital signature
