[techtalk] login restriction

[Brian Sweeney]

Hey all-

Thanks everyone for the responses; the setting login to /bin/false is a neat
trick.  Also, FYI to those who feared for the security of my server, I DO
have a firewall implemented, and this machine is behind it.  I don't have to
worry as much about what ports are open where b/c the firewall only lets
SMTP traffic connect to the server from the outside world, and it has some
decent anti-spoofing in case someone tries to pretend their on my team. ;-).
I was really just concerned with some dumb-luck user reading about a "nifty
telnet thingy" on the web and doing damage purely by accident.  Hence my
wanting to lock them out.  I do try and be of the minimalist school whenever
possible "If they don't NEED it, don't give it...".  Oh, and I typoed
before; I'm running RHL6.1...but thanks for the tips on 6.0, I didn't
realize it was so bad.  *SIGH* too many servers to administer...;-)

Does anybody know, on a side note, why the /etc/security/access.conf file is
there by default, to be used by PAM, even though it apparently doesn't do
anything?

-Brian