Difference between /sbin/nologin and /bin/false

Posted by

Both these commands /sbin/nologin and /bin/false are used to refuse login attempt however they differ slightly on providing customizable error message to user.

/sbin/nologin

  • To restrict a user from SSH to server
  • When someone attempts to SSH with this user defined with /sbin/nologin, a cusotmizable message can be shown to the user. By default gets ‘This account is currently not available’
  • A customizable message can be set in /etc/nologin.txt

$ sudo useradd -s /sbin/nologin itadminguideuser

/bin/false

  • Also restricts a user from SSH to server
  • When someone attempts to SSH with this user defined with /bin/false, a user is immediately logged out with a proper message

$ sudo useradd -s /bin/false itadminguideuser