Here we will see how to block or disable normal user logins in Linux. This is a good idea to prevent Normal users from connecting to your system. We will see how to block Normal user logins using /etc/nologin file. We are going to tell the users that what is actually happening by showing them a message.
The main function of /etc/nologin file is to show a message to the users which are attempting to log on to a system during the process of the shutdown.
Once the message is shown to the user the login procedure terminates which stops the user from logging onto the system and apart from this you can also add your own message which you want to display, you can open the file in vi, nano text editor, and type it.
The /etc/nologin file can be created manually as shown below which is used to block the users’ login:
sudo touch /etc/nologin
And the below message will be shown to the user who is attempting to log on to the system.
echo "System down for maintenance, try again later" | sudo tee /etc/nologin
Now you can see from the screenshot below that a Normal user is not able to login.
To allow logins again you have to delete the /etc/nologin file.
The below command will help you in deleting /etc/nologin file.
sudo rm /etc/nologin
Block Specific User from Logging in Interactively:
You can use the nologin shell to block some specific users. The nologin shell is located in /usr/sbin/nologin
This command will help you in finding the location of nologin shell:
$ which nologin /usr/sbin/nologin
Now to set the user’s shell to nologin you can use the usermod command, Here we are going to set “priyanshu” users shell to nologin.
usermod -s /usr/sbin/nologin priyanshu
Unblock Specific User from Logging in Interactively:
Now to re-enable some specific users to login again simply set their shell back to bash.
To set the “priyanshu” users shell back to bash use the below command:
usermod -s /bin/bash priyanshu