Which command is used to lock a user account?

In Linux, locking a user account is commonly done using the usermod command with the -L option. The command usermod -L username effectively disables the account by placing an exclamation mark in front of the hashed password in the /etc/shadow file. This prevents the user from logging in until the account is unlocked.

The passwd -L command is also a valid option for locking a user account, as it modifies the password of the specified user account to effectively lock it. However, the question specifically asks about locking a user account, and the usermod command directly modifies user account configurations, making it a more straightforward choice for this purpose.

The useradd -L option is incorrect because useradd is used for creating new user accounts, rather than modifying existing ones. The usermod -f option serves a different purpose; it sets the maximum number of days after a password expires before the account is disabled, rather than locking an account.

Thus, the command that is specifically used to lock a user account is usermod -L.