How to Disable Shell Access to User Account in Linux

Written by: Bobbin Zachariah   |   Last updated: August 22, 2022

By default when creating a user account in Linux, the user will explicitly have SSH access. There are situations where user accounts don't need shell access to FTP, mails, or ssh.

In this tutorial, we learn how to disable shell access for a user in Linux. This makes the user unable to login to the shell.

Create a new user with no shell access

By default when creating a user account, a shell is assigned to the user as define in the /etc/default/useradd file.

While creating a user account you can explicitly specify shell which user should login.

Linux comes with a /sbin/nologin shell which displays a message 'This account is currently not available', when a user attempt to connect. This is one way to disable the user from access the login shell.

Let's check two command to create a user with a disabled shell.

Using useradd:

Syntax:

useradd -s /sbin/nologin {username}

Using adduser:

Syntax:

adduser --shell /sbin/nologin {username}

Disable Shell for an existing user

To change shell for the existing user use chsh or usermod command.

Using chsh:

Syntax:

chsh -s /sbin/nologin {username}

To change shell to nologin for the user named bob, type:

sudo chsh -s /sbin/nologin bob

Using usermod:

Syntax:

usermod {username} -s {shell path}

To change shell to /sbin/ftpnologin for the user named bob, type:

sudo usermod bob -s /sbin/ftpnologin

You can customize the shell to show a custom message when users login via ftp.

!/bin/sh
 No shell access. Only FTP access allowed.

To give executable permission, type:

sudo chmod a+x /sbin/ftpnologin

All shells are available in /etc/shell, append new shell to this list:

echo "/sbin/ftpnologin" | sudo tee -a /etc/shells

Instead of doing the above methods, you can manually change the shell by editing /etc/password file, that will also work.

Conclusion

In this tutorial, we learned how to disable a user account from access to the default shell.

Thanks for reading, please leave your feedback and suggestions in the below comment section.

About The Author

Bobbin Zachariah

Bobbin Zachariah

Bobbin Zachariah is an experienced Linux engineer who has been supporting infrastructure for many companies. He specializes in Shell scripting, AWS Cloud, JavaScript, and Nodejs. He has qualified Master’s degree in computer science. He holds Red Hat Certified Engineer (RHCE) certification and RedHat Enable Sysadmin.

LinkedIn

What is process in Linux

Process and Thread Concepts of Linux

Check Execution Time of a Process in Linux

Different Types of Shells in Linux

Make Ubuntu Terminal Look like Kali Linux

How to Use Zsh: A Beginner’s Guide

Grub Rescue Commands to Fix Boot Issues

Make Bootable USB from ISO using Linux Terminal

6 Best Bootable USB Creator for Linux

13 Cool Things to Do with Linux

A Beginners Guide on Linux LVM

14 Command Line Tools to Check CPU Usage in Linux

How to Learn Linux – A Master Guide

13 Modern Alternatives to Linux Commands

Basic Linux Commands You Should Know

14 Command Line Tools to Check CPU Usage in Linux

13 Cool Things to Do with Linux

SHARE

Comments

Please add comments below to provide the author your ideas, appreciation and feedback.

Leave a Reply

Leave a Comment