openssh ignores locked account using public key authentication
Doran L. Barton
fozz at iodynamics.com
Mon Oct 3 15:32:02 MDT 2005
Erin Sharmahd wrote:
>>One of the traditional way to lock an account is to set the shell to
>>/bin/false. Theoretically there might still be some problem with that,
>>too, but I can't think of anything.
>
>
> Can they still use scp with this? It seems like they would be able to...
I use a handy shell replacement called rssh for this.
<http://www.pizzashack.org/rssh/index.shtml>
Derek/Goozbach wrote about another technique recently in his GuruLabs
blog. It's called scponly:
<http://www.sublimation.org/scponly/>
(Read Goozbach's stuff: <http://blogs.gurulabs.com/derek/>.)
--
fozz at iodynamics.com is Doran L. Barton, president, Iodynamics LLC
Iodynamics: Linux solutions - Web development - Business connectivity
"This is goods for those who wish to enjoy simple and rational lives."
-- Label on a wastebasket for sale in Japan
More information about the PLUG
mailing list