[CentOS] /bin/false as a login shell

[Aleksandar Milivojevic]

Kai Schaetzl wrote:
> I see that /bin/false is not a valid shell by default on CentOS. It is 
> f.i. on Suse. /bin/false is present, though. Is there a security reason 
> for this? man says that nologin gives feedback that the account is not 
> available while false just exits false. Anything against just adding 
> /bin/false to /etc/shells?

Just use it if you want.  I'd keep it out of /etc/shells.  Historically, 
some network daemons refused to authenticate users if user's shell was 
not present in /etc/shells.