bruce.dubbs at gmail.com
Mon Nov 4 11:09:23 PST 2013
Simon Geard wrote:
> On Sun, 2013-11-03 at 11:03 -0600, Bruce Dubbs wrote:
>> I'm unaware why noshell would be an advantage over /bin/false. What
>> does it do that is needed?
> Most google results indicate that it's to do with logging - that noshell
> will report that someone attempted to obtain a shell as a system user,
> whereas /bin/false will just silently do nothing.
After looking at tons of logs of people trying to log into a system
using ssh and guessing usernames and passwords, I've given up trying to
monitor such foolishness. I'd only want to bother to do something like
that in a very high security situation. Perhaps this is a package for
Hardened LFS, but I don't know how active that it.
More information about the blfs-support