How to Suspend User Accounts on a Linux Server

I hope the time never comes when you have to take action against a user on your dedicated server, but if the situation does arise, you should know how to handle it. With a Linux server, there are several ways to disable an account without completely deleting it. This is useful if you have a temporary account that you only use at certain times or if you need to temporarily suspend a user.

One method for suspending a user is to make it impossible for the user to login with his/her password by altering the password in /etc/shadow. A typical user entry in the shadow file will look like this:


The second field with a bunch of random-looking characters represents the password. You can disable the password by replace those characters with a “*” to make it look like this:


The next time the user tries to login, it will fail. In the event that you eventually decide to re-activate the account, you can do so by giving it a new password.

Obviously the disadvantage of this method is that the user loses his/her password and needs a new one. Another method is to use the passwd command:

passwd fakeuser -l

The same effect can be accomplished by simply adding a “!” in front of the encrypted password in the /etc/shadow file.

To re-enable the account, just type:

passwd fakeuser -u

This is a simple way to suspend a user account. If your user has a website with a control panel, you may need to use your control panel to disable the account from there. Otherwise, you are all set.