[CentOS] /bin/false as a login shell
Aleksandar Milivojevic
alex at milivojevic.org
Thu Mar 23 00:19:53 UTC 2006
Kai Schaetzl wrote:
> I see that /bin/false is not a valid shell by default on CentOS. It is
> f.i. on Suse. /bin/false is present, though. Is there a security reason
> for this? man says that nologin gives feedback that the account is not
> available while false just exits false. Anything against just adding
> /bin/false to /etc/shells?
Just use it if you want. I'd keep it out of /etc/shells. Historically,
some network daemons refused to authenticate users if user's shell was
not present in /etc/shells.
More information about the CentOS
mailing list