[wplug] passwd file
Kuzman Ganchev
kuzman at sccs.swarthmore.edu
Fri Jul 11 13:23:37 EDT 2003
On Fri, Jul 11, 2003 at 12:06:31PM -0400, Chris wrote:
>
> I have a lot of system users that I don't what to be able to log on locally.
> I know that I can use usermod -s /sbin/nologin username, but I don't want to
> do that for every user. Can I just edit the passwd file manually, or are
> there more files that need to be changed?
I think that this is in the passwd file and nowhere else; at least I
think that's the case on Debian. I remember there being locking issues
with editing a passwd file by hand, but I can't find a reference to it
in the passwd man pages. Does anyone know where a reference to this
might be? Google gave me FreeBSD's locking info, but nothing on Linux.
What I did find in passwd(1) was:
Account maintenance
User accounts may be locked and unlocked with the -l and
-u flags. The -l option disables an account by changing
the password to a value which matches no possible
encrypted value. The -u option re-enables an account by
changing the password back to its previous value.
Although I'm not sure that's what you want, especially if you're
running sshd. If you are running sshd, you need to edit
/etc/ssh/sshd_config, otherwise someone with an authorized_keys file
could:
ssh -l username yourmachine bash
See the sshd_config(5) manual for details.
Kuzman
More information about the wplug
mailing list