From owner-freebsd-questions@FreeBSD.ORG  Tue Apr  5 23:20:49 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B37B216A4CE
	for <freebsd-questions@freebsd.org>;
	Tue,  5 Apr 2005 23:20:49 +0000 (GMT)
Received: from pobox.webstakez.com (pobox.webstakez.com [24.75.44.213])
	by mx1.FreeBSD.org (Postfix) with SMTP id ED9A343D1F
	for <freebsd-questions@freebsd.org>;
	Tue,  5 Apr 2005 23:20:48 +0000 (GMT)
	(envelope-from ababurko@adelphia.net)
Received: (qmail 18989 invoked by uid 1014); 5 Apr 2005 23:22:38 -0000
Received: from 24.52.231.152 by pobox.webstakez.com (envelope-from
	<ababurko@adelphia.net>, uid 89) with qmail-scanner-1.24 
	(clamdscan: 0.83/761. spamassassin: 2.64. perlscan: 1.24.  
	Clear:RC:0(24.52.231.152):SA:0(-0.5/5.0):. 
	Processed in 2.414537 secs); 05 Apr 2005 23:22:38 -0000
X-Spam-Status: No, hits=-0.5 required=5.0
X-Qmail-Scanner-Mail-From: ababurko@adelphia.net via pobox.webstakez.com
X-Qmail-Scanner: 1.24 (Clear:RC:0(24.52.231.152):SA:0(-0.5/5.0):. Processed in
	2.414537 secs)
Received: from 24-52-231-152.kntnny.adelphia.net (HELO ?192.168.1.100?)
	(bob@phreakout.net@24.52.231.152)
	by pobox.webstakez.com with SMTP; 5 Apr 2005 23:22:35 -0000
Message-ID: <42531D48.4080506@adelphia.net>
Date: Tue, 05 Apr 2005 19:20:40 -0400
From: Bob Ababurko <ababurko@adelphia.net>
User-Agent: Mozilla Thunderbird 1.0.2 (Macintosh/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Ean Kingston <ean@hedron.org>
References: <42531440.30103@adelphia.net> <200504051850.33281.ean@hedron.org>
In-Reply-To: <200504051850.33281.ean@hedron.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
cc: freebsd-questions@freebsd.org
Subject: Re: suspending login
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Apr 2005 23:20:49 -0000

Ean Kingston wrote:
> On April 5, 2005 06:42 pm, Bob Ababurko wrote:
> 
>>Hello all-
>>
>>I am trying to figure out how to suspend a login for a user.  Do I have
>>to do this with password aging or is there an easier(read brute force)
>>way to disallow a user from logging in?
> 
> 
> the safest way is to set the shell to /sbin/nologin and the home directory 
> to /nonexistant in your auth system. The latter is especially needed if you 
> allow ssh for remote login since the public-key authentication mechanisms 
> sometimes bypass the normal login restrictions.
> 
That is perfect...just what I was trying to do.

I am used to solaris... where if my memory serves me, can lock a user 
account using the -l flag with the passwd command or comment them out in 
the passwd file.  I still like freebsd way more though.

thanks,
Bob