change user shell to bin false

RHEL/Cent OS

# usermod -s /sbin/nologin username

or

change the shell from /bin/bash to /sbin/nologin

not affected by this shell (/sbin/nologin):

FTP clients
mail clients
sudo
many setuid programs

prevents access to the shell and logs the attempt. All of the following programs are prevented from accessing the user account:

telnet/login
gdm/kdm/xdm (graphical login)
su
ssh/scp/sftp etc

Debian / Ubuntu

$ sudo usermod -s /bin/false username

or

# sudo usermod -s /bin/false username

or

another way – touch /etc/nologin