To deny a system user login, you can set its shell to/usr/sbin/nologin or/bin/false
# usermod-s/usr/sbin/nologin username
Or
# usermod-s/bin/false username
/bin/false/bin/false does nothing but returns an error state and exits immediately. Set the user's shell to/bin/false, the user will not be able to log on, and there will be no prompt.
/usr/sbin/ is currently not available. There are some software, such as some FTP server software, for local non-virtual accounts, only the user has a valid shell to use the FTP service. You can use Nologin to log in to the system, and to use some system services, such as FTP services. /bin/false is not, this is one of the important differences between the two.
/etc/Nologin If a/etc/nologin file exists, the system only allows the root user to log on, and all other users are denied login and the contents of the/etc/nologin file are displayed to them.
Linux users modify the user shell