Overview
The chsh (change shell) command is used to change the login shell that launches immediately after a user logs into the terminal. It is commonly used to switch from the default bash to other shells like zsh, or to disable a system management user’s shell for security purposes. The changes are directly updated in the user database (/etc/passwd) and will take effect the next time the user logs in.
Specifications (Arguments and Options)
Syntax
BASH
chsh [options] [username]
Main Options
| Option | Description |
| -s [shell] | Specifies the full path of the new login shell. |
| -l, –list-shells | Displays a list of available shells on the system (listed in /etc/shells). |
Basic Usage
If you execute the command without any options, it enters interactive mode. It displays the current setting and prompts you to enter the new shell path.
BASH
# Check the current setting
grep mori /etc/passwd
# Change in interactive mode (password required)
chsh
# Verify the change
finger mori
Example Output
Changing shell for mori.
Password:
New shell [/bin/bash]: /bin/zsh
Shell changed.
Practical Commands
Changing a Specific User’s Shell with Admin Privileges
In this scenario, a system administrator forces a change of the login shell for the user mori to /bin/tcsh. Since this is executed with administrator (root) privileges, knowing the user’s password is not required.
BASH
# Change mori's shell with admin privileges
sudo chsh -s /bin/tcsh mori
# Check the result
grep mori /etc/passwd
Example Output
mori:x:1001:1001::/home/mori:/bin/tcsh
Changing Your Own Shell in One Command
You can skip the interactive mode and specify the new shell directly using an argument. Here, we switch to /bin/zsh to set up a development environment.
BASH
# Change my shell to zsh
chsh -s /bin/zsh
# Verify
grep mori /etc/passwd
Displaying a List of Available Shells
This command confirms the list of secure shell paths installed and registered on the system. Specifying a shell not listed here may result in a warning.
BASH
# Display content of /etc/shells
chsh -l
Example Output
/bin/sh
/bin/bash
/usr/bin/zsh
/usr/bin/git-shell
/bin/tcsh
Customization Tips
Setting a nologin Shell
For security reasons, if you want to prevent a user (e.g., mori) from logging in, you can change their shell to /sbin/nologin or /bin/false. This denies SSH connections and local logins.
BASH
sudo chsh -s /sbin/nologin mori
Important Notes
Specify Full Paths
When specifying a shell, you must use the absolute path, such as /bin/zsh or /usr/bin/zsh, rather than just zsh. If you are unsure of the path, use the which zsh command to find it.
Changes Are Not Immediate
Although the changes are written to the /etc/passwd file, they do not affect the currently open terminal. The new shell will launch only after you log out and log back in.
Summary
The chsh command is a fundamental tool for modifying a user’s working environment by defining their shell. While similar changes can be made using the usermod command, chsh differs in that it allows standard users to modify their own environments. Always verify available paths with the -l option before making changes to avoid specifying a non-existent path and locking yourself out.
