pam_deny

always returns failure

Deny all authentication

$ auth required pam_deny.so

Block account access

$ account required pam_deny.so

Disable password changes

$ password required pam_deny.so

pam_deny.so

pam_deny always returns failure. Used to block authentication.
The module denies all requests unconditionally. Security failsafe module.

No parameters. Always returns failure.

No configuration options. Use carefully to avoid lockout.

pam_deny provides a universal deny module for PAM configurations.