How to disable a user account

Use usermod --expiredate 1 username instead of passwd -l username.
Passwd -l does not disable an account, just makes the password unusable, but the user could still login using an ssh key or other auth meth.

By the way, I know a lot of admins who made this mistake 😉

Leave a Reply

Your email address will not be published. Required fields are marked *