Share this on (or read 13 comments/add one below):

13 comment

  1. this does not work for me on debian system. however, nologin exist but the command did not work 🙁 (user CAN still login via ssh)

  2. Mantizke, you control that in /etc/ssh/sshd_config:

    AllowUsers user

    in this case, only user may login and all other users are denied access.

  3. I protest. This article is prejudiced against Tony.


    (Really, thanks. I was looking for a way to make an ftp user with no shell access on a debian box. This was precisely what I needed.)

  4. Man!You save my day! Thank you very-very much for this usefull post.
    At least i learned new security measure how to separate UID’s on my test webserver.
    God Bless You.

  5. if you just want to get a new real user try “adduser –help” for normal user it should be the option “–disabled-login” or maybe you want to create a system user try “adduser –system –no-create-home USER”.

  6. adduser --disabled-login is **NOT** the right thing to use for blocking shell access!!

    Enter “man adduser” and look for this description:

                  Do  not  run passwd to set the password.  The user won't be able
                  to use her account until the password is set.
  7. Hi,

    Can someone tell me what is ” /s$ ” in /etc/passwd file instead of /sbin/nologin ?

    someuser:x:1022:1022::System User for someuser:/home/someuser/:/s$

    Thank You

      1. Yes, the “someuser” was crated by me for some time.. I searched on google but I didn’t find any answer… about /s$.
        And is true, this think is on a hacked server… by a rootkit — SHV4 or SHV5. and I want to see how was hacked…

        Thank You!

    Have a question? Post it on our forum!