If you have employees who have left the company, but still have access to your Linux server, you should immediately revoke their access to prevent any potential security breaches. Here are some steps you can take to do this:
- Identify the user accounts that need to be revoked. You can do this by looking at the output of the
lastcommand, which will show you a list of all the users who have logged into the system. - Disable the user accounts. You can do this by using the
usermodcommand with the-L(lock) option. For example, to lock the account for the user “john”, you can use the following command:sudo usermod -L john - Remove the user accounts. If you no longer need the user accounts, you can remove them using the
userdelcommand. For example, to remove the account for the user “jane”, you can use the following command:sudo userdel jane - Change any passwords that the old employees may have had access to. This includes the root password, as well as any passwords for other administrative accounts.
- Review the server logs to see if any unauthorized access attempts have been made, and take appropriate action to address any security issues that you find.
- Consider implementing additional security measures, such as two-factor authentication or a VPN, to help prevent unauthorized access in the future.
Remember, it’s important to take security seriously and act quickly to protect your server and your data.