I am not sure what to do with OpenSSH, but I the program from ssh.com offers
ssh-dummy-shell which I believe will do what you are asking.
http://www.ssh.com/support/ssh/man/ssh-dummy-shell-man.html
Eric Wanamaker
-Original Message-
From: Geeking Out [mailto:[EMAIL PROTECTED]]
Sent:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
If you have a Cisco (or any other Router that is halfway decent) in
front why not set up an access list denying traffic with a
destination port of 22?
This would solve the problem quite easily.
HTH,
Leon
- -Original Message-
From: Geeking
Set the user's shell to something that's not a shell. Some systems have a
/sbin/nologin, or you can use /bin/false or something equally harmless.
It's proabably gotta exist in your system's list of valid shells
(/etc/shells).
hope that helps.
- Jared Lovell
On Thu, 31 Jan 2002, Geeking