nologin command is used to prevent a user from logging into the system. When a user account is disabled, but the user still tries to log in, the system displays an error message and immediately logs the user out. The
nologin command is an alternative to disabling a user account by changing the password to an invalid value. It is also useful for system accounts that should not be used for interactive login.
nologin command is used to set the shell of a user account to
/usr/sbin/nologin. This shell does not allow the user to log in and immediately logs them out with an error message. To use the
nologin command, you must have root privileges.
nologin [options] [username]
To deny user
jane from logging into the system, run the following command:
sudo nologin jane
To remove the
nologin restriction from user
jane, run the following command:
sudo usermod -s /bin/bash jane
Specific use cases
- Preventing an employee who has left the company from accessing the system.
- Disabling a user account temporarily while performing maintenance on the account.
- Preventing a system account from being used for interactive login.
nologin command has the following options:
||Display help message and exit.|
||Display version information and exit.|
- If the
nologincommand is not working, ensure that you have root privileges.
- If you want to disable a user account temporarily, use the
passwd -lcommand instead of the
nologincommand. This command locks the user’s password and prevents them from logging in, but still allows them to use other system resources.
nologincommand is available on most Linux distributions.
nologincommand is not a security feature. It is simply a way to prevent a user from logging into the system. If you want to secure your system, you should use other methods such as firewalls, access control lists, and encryption.