Ubuntu: Setup a non-GUI user?



Question:

It's possible to create a user such that

  • Login is possible via command line interface, e.g. tty, ssh, etc;
  • Login is impossible in GUI, e.g. lightdm, gdm, etc;
  • It has password, ideally also has home directory.


Solution:1

In Ubuntu 16.04,

you can configure the access.conf file according to your needs.

First, create a standard user (without Admin privileges). Then edit the file /etc/security/access.conf and add a line that will disallow any local logins except the tty that you will define.

In the following example, the user with username localuser can log in (in local machine) only from tty1.enter image description here

- : localuser : LOCAL EXCEPT tty1  

Now we need to activate the access.conf file.

Here is the Trick on how to activate in Ubuntu.

For some reason, when I tested this on my Ubuntu 16.04 configuring the default /etc/pam.d/login file, (the pam_access.so line already exist there, and I just uncommented it) it didn't work.

But it did work when I added the line in /etc/pam.d/common-account

Edit the file and insert the following line below pam_deny.so.

account required                        pam_access.so  

enter image description here

No restart of any service is needed. Just log out and test if the new user can log in from Lightdm, GDM or any Display Manager you have.


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »