Bug#419132: ssh: /usr/sbin/nologin used for shell, not present in /etc/shells
Brian Clark <brian+nevdull@unwell.org> writes:
> Should the Debian package of openssh have user sshd use /bin/false
> instead? The man pages seem to indicate that /usr/sbin/nologin and
> /bin/false provide the same function.
/usr/sbin/nologin is supposed to be a more secure way of doing the same
thing. There was a long discussion about this a while back, and I think
the conclusion was that /usr/sbin/nologin was better than /bin/false for
this purpose.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: