Tips - How to Disable Shell Access to User Account in Linux

Tips - How to Disable Shell Access to User Account in Linux

By default when creating a user account in Linux, the user will explicitly have SSH access. There are situations where user accounts don’t need shell access to FTP, mails, or ssh. In this tutorial let learn how to disable shell access for existing Linux user or create a new user with no shell access.
Moja Msanii©

Create a new user with no shell access

By default when creating a user account, a shell is assigned to the user as define in the /etc/default/useradd file.

While creating a user account you can explicitly specify shell which user should login.

Linux comes with a /sbin/nologin shell which displays a message This account is currently not available, when a user attempt to connect. This is one way to disable the user from access the login shell.

Lets check two command to create a user with a disabled shell.

Using useradd

Syntax:

sudo useradd -s /sbin/nologin {username}

Using adduser

Syntax:

sudo adduser --shell /sbin/nologin {username}

Disable Shell for an existing user

To change shell for the existing user use chsh or usermod command.

Using chsh:

Syntax:

sudo chsh -s /sbin/nologin {username}

Using usermod:

Syntax:

sudo usermod {username} -s /sbin/nologin

Conclusion

In this tutorial, we learned how to disabled a user account from access to the default shell.

Share on :