{ 10 comments… read them below or add one }

1 mantizke May 12, 2009 at 7:32 pm

this does not work for me on debian system. however, nologin exist but the command did not work :( (user CAN still login via ssh)

Reply

2 Lekensteyn May 14, 2010 at 4:24 pm

Mantizke, you control that in /etc/ssh/sshd_config:

AllowUsers user

in this case, only user may login and all other users are denied access.

Reply

3 tony August 31, 2011 at 6:09 pm

I protest. This article is prejudiced against Tony.

I WANT MY BASH ACCESS!

(Really, thanks. I was looking for a way to make an ftp user with no shell access on a debian box. This was precisely what I needed.)

Reply

4 WhoA November 30, 2012 at 12:06 am

Man!You save my day! Thank you very-very much for this usefull post.
At least i learned new security measure how to separate UID’s on my test webserver.
God Bless You.

Reply

5 moncasi August 7, 2013 at 11:42 am

Isn’t it the same than creating a new user with
adduser –disabled-login USER
?
Thanks

Reply

6 ben September 24, 2013 at 10:00 pm

if you just want to get a new real user try “adduser –help” for normal user it should be the option “–disabled-login” or maybe you want to create a system user try “adduser –system –no-create-home USER”.

Reply

7 Manuel January 19, 2014 at 6:58 pm

adduser --disabled-login is **NOT** the right thing to use for blocking shell access!!

Enter “man adduser” and look for this description:

       --disabled-login
              Do  not  run passwd to set the password.  The user won't be able
              to use her account until the password is set.

Reply

8 Geo February 18, 2014 at 1:38 pm

Hi,

Can someone tell me what is ” /s$ ” in /etc/passwd file instead of /sbin/nologin ?

someuser:x:1022:1022::System User for someuser:/home/someuser/:/s$

Thank You

Reply

9 Leo February 18, 2014 at 4:25 pm

/s$ that is an unusual shell name. I hope you are not hacked. Is someuser was created by you?

Reply

10 Geo February 18, 2014 at 5:33 pm

Yes, the “someuser” was crated by me for some time.. I searched on google but I didn’t find any answer… about /s$.
And is true, this think is on a hacked server… by a rootkit — SHV4 or SHV5. and I want to see how was hacked…

Thank You!

Reply

Leave a Comment

Tagged as: , , , , , , ,

Previous post:

Next post: