methods of prevent a user (or group) to be able to login

security linux

is the only method to prevent a user from logging into the server setting the users shell to /dev/null?


Another alternative to using passwd -l would be to use passwd -d and delete the user's password.


Agree with ironchef regarding that configuring your sshd with AllowUsers or AllowGroups alternatively DenyUsers or DenyGroups might be a good solution, depending on what you are specifically trying to accomplish.

Regarding the option of setting a denying shell. If you have a /sbin/nologin available that might be preferable to /dev/null or /bin/false. Using /sbin/nologin will basicly have the same effect (non-zero exit), but with the extra bonus of the user getting a short message about the login being disabled.

Since you seem to want to keep the account around I assume you might be using them for something else? Depending on what that is, the locking of accounts may or may not be a good idea.

As already stated, please let people know what problem you are trying to solve, etc. Usually you can get a lot better advice that way.

Related

GRUB for windows while not having a Linux root partition?
DHCP DDNS not working for Linux clients
Apache Failover and Load Balancing [duplicate]
MS Active Directory as a simple LDAP server
Alternatives for enabling SSL on EC2
Is there a way to change the serial number in SQL server without reinstalling it?
Procmail: Pipe to Program, Otherwise Return Error to Sender
Integral representation Hurwitz Zeta function
Maximum orders of elements in $S_n$ and $A_n$ [duplicate]
Isomorphism of the special orthogonal group
hurwitz zeta Integral representation
Eigenvalues of a 2x2 matrix A such that $A^2$=I