Bug#366541: openssh-server: [security] use /bin/nologin instead of /bin/false
tags 366541 pending
thanks
On Tue, May 09, 2006 at 06:30:00PM +0300, Jari Aalto wrote:
> Package: openssh-server
> Version: 1:4.2p1-8
> Severity: normal
> Tags: security
>
> The /etc/passwd contains entry:
>
> sshd:x:101:65534::/var/run/sshd:/bin/false
>
> SUGGESTION
>
> The new login package includes /bin/nologin wich would be more secure,
> because it leaves trace to syslog after login attemps.
(/usr/sbin/nologin, after an extensive discussion.)
Thanks for the suggestion; I've made this change in my local openssh
tree for my next upload.
Cheers,
--
Colin Watson [cjwatson@debian.org]
Reply to: