[blfs-support] noshell

Bruce Dubbs bruce.dubbs at gmail.com
Mon Nov 4 11:09:23 PST 2013


Simon Geard wrote:
> On Sun, 2013-11-03 at 11:03 -0600, Bruce Dubbs wrote:
>> I'm unaware why noshell would be an advantage over /bin/false.  What
>> does it do that is needed?
>
> Most google results indicate that it's to do with logging - that noshell
> will report that someone attempted to obtain a shell as a system user,
> whereas  /bin/false will just silently do nothing.

After looking at tons of logs of people trying to log into a system 
using ssh and guessing usernames and passwords, I've given up trying to 
monitor such foolishness.  I'd only want to bother to do something like 
that in a very high security situation.  Perhaps this is a package for 
Hardened LFS, but I don't know how active that it.

   -- Bruce





More information about the blfs-support mailing list