openssh ignores locked account using public key authentication

Doran L. Barton fozz at iodynamics.com
Mon Oct 3 15:32:02 MDT 2005


Erin Sharmahd wrote:
>>One of the traditional way to lock an account is to set the shell to
>>/bin/false.  Theoretically there might still be some problem with that,
>>too, but I can't think of anything.
> 
> 
> Can they still use scp with this?  It seems like they would be able to...

I use a handy shell replacement called rssh for this.

	<http://www.pizzashack.org/rssh/index.shtml>

Derek/Goozbach wrote about another technique  recently in his GuruLabs 
blog. It's called scponly:

	<http://www.sublimation.org/scponly/>

(Read Goozbach's stuff: <http://blogs.gurulabs.com/derek/>.)

-- 
fozz at iodynamics.com is Doran L. Barton, president, Iodynamics LLC
Iodynamics: Linux solutions - Web development - Business connectivity
  "This is goods for those who wish to enjoy simple and rational lives."
     -- Label on a wastebasket for sale in Japan



More information about the PLUG mailing list