On Thu, May 11, 2000 at 12:28:46AM -0400, Mike Bilow wrote: > In fairness, that would be a security compromise for sshd to notify a user > about why they are being denied access, especially since sshd runs > /bin/login which is what actually sees the /etc/nologin semaphore file. 2 things: 1) sshd does NOT use /bin/login not unless you use the UseLogin option is used in sshd_config (which AFAIK is broken) 2) standard behaviour for dealing with /etc/nologin is to display its contents and deny access. if its empty then obviously no further information is given, but if the admin wishes to keep the damn phone from ringing every 2 seconds with users wanting to know why the hell there account is locked he can add a usefull comment to /etc/nologin. i see no security problems with that behaviour. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpMuKMOwmmz1.pgp
Description: PGP signature