noshell(1) shell for administrative users that should never log in


noshell is a shell that can be assigned to system users which need to be active but should never log in to the system. noshell helps monitor attempts to access disabled accounts and logs this into syslog.

If a user attempts to connect to the system through an administrative user that has a valid password and uses noshell as his shell, then the use of noshell will be logged, the connection will be terminated and the user will be unable to gain access to the host.

After connecting the login program might display the timestamp of the last loging. For example, in a remote connection:

hostileuser@hostile_host% ssh -l adminuser remote_host
  adminuser@remote_host's password: *******
  (System's /etc/motd)
  Last login: Sat Nov 22 23:30:41 2003 from localhost
  Connection to remote_host closed.

If the user is denied access, noshell will send a message to syslog using the LOG_AUTH facility. It does not provide any indication of wether this connection attempt was local or remote, this information must be retrieved from other logs. In the above example the following would get recorded in /var/log/authlog:

Nov 22 23:30:41 remote_host sshd[9950]: Accepted password for adminuser from hostile_host port 44422 ssh2
  Nov 22 23:30:41 remote_host ssh(pam_unix)[9952]: session opened for user adminuser by (uid=1)
  Nov 22 23:30:41 remote_host noshell[9953]: Noshell warning: user adminuser login from a disabled shell
  Nov 22 23:30:41 remote_host ssh(pam_unix)[9952]: session closed for user adminuser

In Debian, noshell is an alternative to the nologin shell, the latter is provided in the login package. The main differences between them is that noshell will not provide any information of why the access has been denied.


This program does not use any option.


This manual page was written by Javier Fernandez-Sanguino Peña <[email protected]> for the Debian system (but may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 any later version published by the Free Software Foundation.

On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.