[techtalk] login restriction
jenn at simegen.com
jenn at simegen.com
Fri Jul 7 23:58:00 EST 2000
"Susannah D. Rosenberg" wrote:
>
> Samantha Jo Moore wrote:
> > If you change this for /bin/false then they won't
> > be able to telnet in.
>
> yeah, but it still leaves rlogind and telnetd flapping in the wind. can
> you say "telnet to port 25", boys and girls?
>
> gaping security flaws are /bad/.
Summary:
/bin/false or /bin/true as a login shell prevents an individual from
logging in via telnet, ssh or rlogin.
Closing off rlogind and telnetd prevents ANYONE from logging in via
rlogin or telnet. (But not ssh. Which is usually deliberately permitted)
Jenn V.
--
"Do you ever wonder if there's a whole section of geek culture
you miss out on by being a geek?" - Dancer.
jenn at simegen.com Jenn Vesperman
http://www.simegen.com/~jenn/
More information about the Techtalk
mailing list