4

I have a system which has multiple users, but only a few selected users are allowed to log in to the system at a given time through SSH (or otherwise).

I am using the "passwd -l/-u" command to lock and unlock users, and allow only one user at a time.

What I need is to tell the other users trying to SSH to the system why they cannot SSH. Currently, when the user account is locked and they cannot SSH, they only get a "Connection Refused" message. I want to be able to edit this message to tell them "Your account is locked and you cannot login before xxxxxxx time".

What are the possible ways I can achieve this? I have tried googling for this but without any luck.

Thanks.

1 Answer

3

If you want to customize the message, but not per user, you can use nologin, meaning re-enabling the users' accounts but assigning them /usr/bin/nologin as their login shell. They will not be able to connect, and will receive either a default message saying the account is disabled or the message written in /etc/nologin.txt.

If you want a per-user message, you can replace nologin with a hand-made script which always returns 1.

chicks
piernov
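A sketch of the hand-made script the answer describes, added here as an example and not part of the original answer. It is assigned as the login shell in place of nologin; the install path /usr/local/bin/locked-shell and the notice directory /etc/locked-users are hypothetical names chosen for this example.

```shell
#!/bin/sh
# Added example: login shell that prints a per-user notice and always fails.
# Assumed (hypothetical) names: installed as /usr/local/bin/locked-shell,
# notices stored as /etc/locked-users/<user>.msg.

DEFAULT_MSG="This account is currently not available."

# Print the notice for user $1, read from directory $2 (default /etc/locked-users).
# The directory is never taken from the environment, which the client may influence.
locked_message() {
    user=$1
    dir=${2:-/etc/locked-users}
    # Reject names that could escape the notice directory.
    case "$user" in
        ""|*/*|.*) printf '%s\n' "$DEFAULT_MSG"; return 0 ;;
    esac
    if [ -f "$dir/$user.msg" ] && [ -r "$dir/$user.msg" ]; then
        cat "$dir/$user.msg"
    else
        printf '%s\n' "$DEFAULT_MSG"
    fi
}

# Show the notice for the calling user and report failure.
refuse_login() {
    locked_message "$(id -un)"
    return 1
}

# Act only when run under the installed name, so the functions above can be
# sourced or tested without ending the calling shell. Any arguments sshd
# passes (such as -c 'command') are ignored, so remote commands are refused too.
case "${0##*/}" in
    locked-shell) refuse_login; exit 1 ;;
esac
```

Keep the script and the notice directory root-owned and not writable by the affected users. A login shell only gates sessions that start the shell, so `ssh -N` port forwarding is not stopped by it.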