Not long ago, Chris Carey proclaimed... > On 3/13/07, Kenneth Burgener <[EMAIL PROTECTED]> wrote: > > >and all files created by 'myprogram' are created as the 'myuser' > >program, which is what I wanted. But I wonder if having the 'myuser' > >with a default shell (and no password) would be a security hole, and > >possibly allow someone to SSH to my box using this user account. I > >noticed all other daemon users have "/sbin/nologin" as their default > >shell, and I assume they do this for a reason. > > > >Should I be concerned with this? > > > You can specifically deny SSH logins to that account by editing > /etc/ssh/sshd_config
See the DenyUsers directive in the sshd_config(5) man page.
-=Fozz
--
[EMAIL PROTECTED] is Doran L. Barton, president/CTO, Iodynamics LLC
Iodynamics: IT and Web services by Linux/Open Source specialists
"Depositing the room key into another person is prohibited."
-- Seen in a Japan hotel
pgpjT3UhBR3yX.pgp
Description: PGP signature
/* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
