Today I removed the user in my Linux workstation.

Probably you will say that this is simple task just remove user home directory and his password, but appears that this is not.

First thing is that there is no single command that will do this task for you.

Let’s start:

1. Lock user – this is done with following command:

passwd -l <user_name>

This command will achieve it by changing the password to a value that cannot be matched by any possible encrypted value.

This command is usefull also for temporary disabling user account.

2. Search for and kill any user processes that still run

ps aux | grep -i ^<user_name>

kill -9 <PID number>

where <PID number> is the number in the column just after the user name.

3. Find all files that belong to this user

find / -user <user_name>|less

4. Decision time – decide do you want to keep those files or erase them. My suggestion is to backup them just in case.

5. List and remove any crontab jobs

List user cron jobs:

crontab -u <user_name -l

And if you see any entries remove them:

crontab -u <user_name> -r

6. Remove user from sudoers (if you use sudo)


7. Check any other applications as remote access, MySQL, Web App.
More extended howto


Leave a Reply

You must be logged in to post a comment.