HowTo: Deny User from Logging Into Your System

There are times when you need to prevent a particular bash-enabled user to login temporarily into your system, without completely deleting his account, here's an entry to do that.

This entry can be helpful for a situation wherein you need to temporarily prevent bash-enabled users from logging into the system.

How to temporarily deny a user from logging into a system?

# finger visitor
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Login: visitor Name: (null)
Directory: /home/visitor Shell: /bin/bash
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

To restrict the above visitor account from logging into the system while you are fixing something related to his website folder or files, simply

# chsh visitor -s /sbin/nologin

As soon as the visitor account logs in, a similar message pops out
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This account is currently not available.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Alternatively, you can lock the account while you are busy at fixing something related to his websites files and folders

# passwd -l visitor

The above prevents visitor account from logging into the system by locking his system account. The only difference is that first approach sends a friendly temporary unavailability message to that particular system user of

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This account is currently not available.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

while the second approach of freezing or locking the user account would send a horrible system message similar to

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Permission denied, please try again.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

There are a lot of ways to prevent a particular user from logging into the system.

Enjoy.

Related Reading:
Disable Any User from Logging into the System
Linux Password, Shadow and Group Files Explained