openssh ignores locked account using public key authentication

Doran L. Barton fozz at
Mon Oct 3 15:32:02 MDT 2005

Erin Sharmahd wrote:
>>One of the traditional way to lock an account is to set the shell to
>>/bin/false.  Theoretically there might still be some problem with that,
>>too, but I can't think of anything.
> Can they still use scp with this?  It seems like they would be able to...

I use a handy shell replacement called rssh for this.


Derek/Goozbach wrote about another technique  recently in his GuruLabs 
blog. It's called scponly:


(Read Goozbach's stuff: <>.)

fozz at is Doran L. Barton, president, Iodynamics LLC
Iodynamics: Linux solutions - Web development - Business connectivity
  "This is goods for those who wish to enjoy simple and rational lives."
     -- Label on a wastebasket for sale in Japan

More information about the PLUG mailing list