UnixServerAdmin

Server Administration & Management

How to disable users from loggin into the server, except the administrator(root)

In cases where you have to disable the login to all users,except root, for example when you have to do a backup, you have to use pam_nologin.so

1) Edit the pam file for the service you want to control, in this example i modify ssh pam control file, located in /etc/pam.d/sshd & Add the line :-

# vim /etc/pam.d/sshd

account required pam_nologin.so

2) Create the /etc/nologin file, just do “touch /etc/nologin”

# touch /etc/nologin

This should disable the login from ssh. If you want to disable the login from terminal, modify the /etc/pam.d/login file.

3) To re-enable the login just remove /etc/nologin

# rm -rvdf /etc/nologin

Advertisements

February 16, 2013 - Posted by | Security, SSH, Tips & Tricks, Unix/Linux | , , , ,

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: