How to disable the root shell in Linux?
-
As root, change /bin/bash to /bin/nologin (for the root user) in /etc/passwd and save the file.
# /bin/vi /etc/passwd
root:x:0:0:root:/root:/bin/nologin
When a non-root user tries to su to root, the following message will appear:
$ su - Password: su: /bin/nologin: No such file or directory
Warning: this prevents access to the root account by any programme that uses a shell i.e. su, ssh. Programmes not using a shell i.e. mail, sudo, can still access the root account.
© Lightnetics 2024