Nologin user

In Linux, a “nologin” user is a user account that is specifically designed to prevent interactive logins. It’s typically used for:

• System Accounts: Accounts for services and daemons (like ftp, www-data, nobody) that don’t require interactive access.
• Temporarily Disabled Accounts: Accounts for users that you want to temporarily prevent from logging in.
• Security: Restricting access to certain accounts to prevent unauthorized logins.

How it Works:

• Shell Replacement: The “nologin” shell (/sbin/nologin or /usr/bin/false) is assigned to the user’s account.
• Login Attempts: When a user with the “nologin” shell tries to log in (via SSH, console, etc.), they are presented with a message indicating the account is unavailable and then denied access.

Benefits:

• Security: Helps prevent unauthorized access to sensitive accounts.
• Resource Management: Prevents system accounts from consuming resources unnecessarily.
• Flexibility: Can be used to temporarily disable accounts or restrict access for specific users.

How to Create a Nologin User:

• Using useradd:Bash

  sudo useradd -s /sbin/nologin username
  

• Using usermod (for existing users):Bash

  sudo usermod -s /sbin/nologin username
  

Important Considerations:

• No Shell Access: Users with the “nologin” shell cannot run interactive shells or login remotely via SSH.
• Processes: Even though they can’t log in, processes can still run under a nologin user’s identity.
• Alternative: /bin/false can also be used as a shell for similar functionality, but it might not provide a user-friendly message.