Both these commands /sbin/nologin and /bin/false are used to refuse login attempt however they differ slightly on providing customizable error message to user.
- To restrict a user from SSH to server
- When someone attempts to SSH with this user defined with /sbin/nologin, a cusotmizable message can be shown to the user. By default gets ‘This account is currently not available’
- A customizable message can be set in /etc/nologin.txt
$ sudo useradd -s /sbin/nologin itadminguideuser
- Also restricts a user from SSH to server
- When someone attempts to SSH with this user defined with /bin/false, a user is immediately logged out with a proper message
$ sudo useradd -s /bin/false itadminguideuser