Re: Turning off shell access

To: debian-user@lists.debian.org
Subject: Re: Turning off shell access
From: Dave Sherohman <esper@sherohman.org>
Date: Tue, 14 Mar 2006 18:39:26 -0600
Message-id: <[🔎] 20060315003926.GC26528@sherohman.org>
Mail-followup-to: Dave Sherohman <esper@sherohman.org>, debian-user@lists.debian.org
In-reply-to: <[🔎] 20060314210028.GB12342@jerkface.net>
References: <[🔎] E4BBB1E1-816B-44F4-A7F6-FDA1B9FE0D90@addihetja.com> <[🔎] 20060314210028.GB12342@jerkface.net>

On Tue, Mar 14, 2006 at 04:00:29PM -0500, Andrew Cady wrote:
> On Tue, Mar 14, 2006 at 08:32:06PM +0000, Arnór Kristjánsson wrote:
> > How can I turn off shell access (through SSH) for certain users?
> 
> If you want to disable all shell access (including local) then set the
> user's login shell to something not in /etc/shells (/bin/false is a good
> choice).

There are actually a few things which complain about shells that
aren't in /etc/shells, so I usually add /bin/false to that list.
Setting a user's shell to /bin/false still works, though.  /bin/false
immediately exits - so they can log in, but their "shell" exits as
soon as they do, logging them right back out.  (Not that /bin/false
would allow them to do anything even if they were still logged in to
it...)

-- 
The freedoms that we enjoy presently are the most important victories of the
White Hats over the past several millennia, and it is vitally important that
we don't give them up now, only because we are frightened.
  - Eolake Stobblehouse (http://stobblehouse.com/text/battle.html)

Reply to:

Follow-Ups:
- Re: Turning off shell access
  - From: bob@proulx.com (Bob Proulx)

References:
- Turning off shell access
  - From: Arnór Kristjánsson <addi@addihetja.com>
- Re: Turning off shell access
  - From: Andrew Cady <d@jerkface.net>

Prev by Date: Gnome terminal: strange keyboard characters
Next by Date: Re: distribution upgrade question
Previous by thread: Re: Turning off shell access
Next by thread: Re: Turning off shell access
Index(es):
- Date
- Thread