The nologin command is used to prevent a user from logging into the system. When a user account is disabled, but the user still tries to log in, the system displays an error message and immediately logs the user out. The nologin command is an alternative to disabling a user account by changing the password to an invalid value. It is also useful for system accounts that should not be used for interactive login.
Overview
The nologin command is used to set the shell of a user account to /usr/sbin/nologin. This shell does not allow the user to log in and immediately logs them out with an error message. To use the nologin command, you must have root privileges.
Syntax
nologin [options] [username]
Examples
To deny user jane from logging into the system, run the following command:
sudo nologin jane
To remove the nologin restriction from user jane, run the following command:
sudo usermod -s /bin/bash jane
Specific use cases
- Preventing an employee who has left the company from accessing the system.
- Disabling a user account temporarily while performing maintenance on the account.
- Preventing a system account from being used for interactive login.
Options
The nologin command has the following options:
| Option | Description |
|---|---|
-h, --help |
Display help message and exit. |
-V, --version |
Display version information and exit. |
Troubleshooting tips
- If the
nologincommand is not working, ensure that you have root privileges. - If you want to disable a user account temporarily, use the
passwd -lcommand instead of thenologincommand. This command locks the user’s password and prevents them from logging in, but still allows them to use other system resources.
Notes
- The
nologincommand is available on most Linux distributions. - The
nologincommand is not a security feature. It is simply a way to prevent a user from logging into the system. If you want to secure your system, you should use other methods such as firewalls, access control lists, and encryption.