What is the good way to create a user with no password?
By no password, I mean an account, that would be usable only by the root account using the su/sudo commands (like the "nobody" user used by Apache or Nginx).
I've read that putting a * in the password field of the /etc/shadow file works but I'd like to know if there is a way to do it with the useradd command.
I thought of doing:
useradd my_new_user -s /sbin/nologin -p '*'
but I'm not sure the useradd command can be used this way. I haven't found any reference about it.
Best Answer
This works the way you described (of course you can specify whichever shell you'd like in place of
/bin/bash
):After executing the above
useradd
command, the following entry is in my/etc/shadow
file:When using John Smith Optional's answer, the following will work:
EDIT: I'd like to point out that the difference is that you cannot
su
into an account which has the shell specified as/sbin/nologin
unless you specify a usable shell when issuing thesu
command:(Tested in CentOS 6.4 -- should work in a variety of distros).