How to set an user account that valid for 1 session only

[shadow111]

Hi All,

I want to create an user account which the password will be valid for 1 session only. After the session, the password for the account will be expired and the account will be disabled.
Is there any way for me to do this? Thank you.

 

[jalge2]

If this is only for a short period of time, or say it is only for a person that will be there for a day or so, can't you just create it and then delete it when they leave, or you don't need the name anymore?

 

[shadow111]

Hi,

I have to setup an account for a remote user from another country to access to my server. Whenever the remote user want to access to my server, I will give him the new password for the account and after he finish accessing my server and logout, I want the account automatically disable so that outsiders cannot access my server using this account anymore. Whenever the user want to access it, I'll then just create a new password for the user to access it.
Is there anyway for me to setup the account like this? Thank you.

 

[J1mbo]

Check the man pages for a 'useradd' type command on your system. In Solaris the -e (expire date) and -f (days inactive) options may do what you want.

-jim

 

[shadow111]

Hi J1mbo,

I've already tried the expired date for the useradd but I found this not very practical as I don't know when the user need to access to my server. The user only need to access when he needs to debug his program on the server.

 

[pmurray99]

run this via root cron:-

#!/usr/bin/ksh

UserName=$1

who |grep "^${UserName} " > /dev/null 2>&1 &&
{
while :
do
sleep 60
who |grep "^${UserName} " > /dev/null 2>&1 ||
{
passwd -l $UserName
break
}
done
}

 

[J1mbo]

#! /bin/ksh
# lock an account upon logout
# Run as a root cronjob x times an hour

# File with users to monitor
USERS=/var/tmp/users.dat

for EACHUSER in $(< $USERS) ; do

# Check if the user was just logged in
if [[ -f /var/tmp/.$EACHUSER.flag ]] ; then
if who | grep $EACHUSER > /dev/null ; then
# Do nothing if still logged in
:
else
# The user is no longer logged in
# lock the account and remove the flag file
passwd -l $EACHUSER
rm /var/tmp/.$EACHUSER.flag
fi
fi

if who | grep $EACHUSER > /dev/null ; then
# Set the flag file if logged in
touch /var/tmp/.$EACHUSER.flag
fi

done

 

[shadow111]

Hi pmurray99,

Thanks for the script as it work as what I need. Thank you very much for your help and your time.

Hi J1mbo,

I've tried your script but I encounter some syntax error with your script. I'm not very good in Unix scripting, so I'm still trying to figure out way to correct your script so that it can works. Anyway, thank you very much for providing me with the script and for your time.

You two really help me alot in solving my problem.