A Linux system administrator needs to know some Linux tricks. In this article, you are going to learn how to block or disable normal user logins in Linux. You may face a problem and perform scheduled system maintenance. There you would prevent non-root(normal) users from connecting to the system. So follow this tutorial to review the function of blocking non-root users by /etc/nologin file and nologin shell in Linux. Also, you need to know what message should be set to help the user see what is actually happening.
Table of Contents
How to block or disable normal user logins in Linux
Let’s walk through the ways you can block or disable users on your Linux server to not be able to log in.
How to block user logins using /etc/nologin File
Displaying a message is the main function of /etc/nologin file, which would be used for the users who attempt to log on to a system during the process of shutdown. Anytime users view this message, they will not be able to log in onto the system. So to block the user login by manually creating, use the below command.
vi /etc/nologin If you want to show to users attempting to log on to the system, you can add the message below to the file.
The Server is down for a routine maintenance. We apologize for any inconvenience caused, the system will be up and running in 1 hours time. For more information, contact the system admin [email protected].How to block user logins using nologin Shell
As this method blocks just one user from accessing a shell, it works a little differently. The function is in the way that users can log on to the system via programs such as ftp that do not necessarily require a shell for the user to connect to a system. The other feature of this method is that you can allow you to block shell access to specific users in special scenarios.
On RHEL/CentOS/Fedora
At this point, you see that you can change the user’s shell in /etc/passwd file from something like /bin/bash or /bin/sh to /sbin/nologin meaning refuse a login, use chsh (change shell) command.
chsh -s /bin/nologin noodi
On Debian/Ubuntu
What the following command does is to change the user eldernode’s shell to /bin/false meaning do nothing.
sudo chsh -s /bin/false noodi
