How to Use nologin to Block User Logins on Linux

nologin: Denying User Logins

Feature Description

The nologin command politely refuses user logins to the system while providing a message.

If a user attempts to log in with such an account, a record is added to the log and the terminal displays the message “This account is currently not available”. This type of account is typically used for service accounts that should start services but not log into the system.

Syntax

nologin

Example: Restrict a User Login

[root@cnLinuxer ~]# nologin

Extended Knowledge

During Linux system maintenance, you may want to prevent certain or all users from logging in to ensure the system remains stable. After disabling login, users cannot log in interactively, but they may still access services such as FTP or Samba.

1. Disable an FTP User Login

[root@cnLinuxer ~]# passwd -l ftp01

2. Unlock a Locked User

[root@cnLinuxer ~]# passwd -u ftp01

3. Prevent Login by Editing /etc/passwd

vim /etc/passwd
# change:
ftp:x:1002:1002::/home/ftp:/bin/bash
# to:
ftp:x:1002:1002::/home/ftp:/sbin/nologin

4. Block All Users from Logging In

[root@cnLinuxer ~]# touch /etc/nologin

Creating /etc/nologin prevents all non‑root users from logging in.