4

I have a systems which has multiple users but only few selected users are allowed to login to the system at a given time through SSH (or otherwise).

I am using "passwd -l/-u" command to lock and unlock users, and allow only one user at a time.

What I need is to tell the other users trying to SSH to a system why they cannot SSH. Currently when the user account is locked and they cannot SSH they only get "Connection Refused" message. I want to be able to edit this message to tell them "Your account is locked and you cannot login before xxxxxxx time"

What are the possible ways I can achieve this. I have tried googling for this but without any luck.

Thanks.

Improve this question
4
  • serverfault.com/questions/653399/ssh-motd-per-user Look for the section on SSH banner per user. You could probably script something off that.
    – jackhamm
    Commented Jul 27, 2015 at 22:42
  • If you want to customize the message but not per-user you can use nologin, meaning re-enabling users account but assigning them /usr/bin/nologin as their login shell. They will not be able to connect and receive a default message saying the account is disabled or the message written in /etc/nologin.txt. If you want a per-user message you can replace nologin by a hand-made script which always returns 1.
    – piernov
    Commented Jul 28, 2015 at 0:22
  • @piernov : thanks. I think that works for me. I found a reference online which suggests the same approach as you did. :)
    – CodeWithPride
    Commented Jul 28, 2015 at 0:34
  • @piernov that should probably be an answer.
    – Zoredache
    Commented Jul 28, 2015 at 0:36

1 Answer 1

Reset to default
3

If you want to customize the message but not per-user you can use nologin, meaning re-enabling users account but assigning them /usr/bin/nologin as their login shell. They will not be able to connect and receive a default message saying the account is disabled or the message written in /etc/nologin.txt.

If you want a per-user message you can replace nologin with a hand-made script which always returns 1.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .