man noshell (Commandes) - shell for administrative users that should never log in

NAME

noshell - shell for administrative users that should never log in

DESCRIPTION

noshell is a shell that can be used for system users which need to be active but should never be used to log in to the system. noshell monitors attempts to access disabled accounts and logs this into syslog.

If a user attempts to connect to the system through an administrative user that has a valid password the connection will be terminanted and the user will be unable to gain access to the host.

After connecting the login program might display the timestamp of the last loging. For example, in a remote connection:

hostileuser@hostile_host% ssh -l adminuser remote_host adminuser@remote_host's password: ******* (System's /etc/motd) Last login: Sat Nov 22 23:30:41 2003 from localhost Connection to remote_host closed.

If the user is denied access, noshell will send a message to syslog using the LOG_AUTH facility. It does not provide any indication of wether this connection attempt was local or remote, this information must be retrieved by other systems. In the above example the following would get recorded in /var/log/authlog:

Nov 22 23:30:41 remote_host sshd[9950]: Accepted password for adinuser from hostile_host port 44422 ssh2 Nov 22 23:30:41 remote_host ssh(pam_unix)[9952]: session opened for user adminuser by (uid=1) Nov 22 23:30:41 remote_host noshell[9953]: Noshell warning: user adminuser login from a disabled shell Nov 22 23:30:41 remote_host ssh(pam_unix)[9952]: session closed for user adminuser

OPTIONS

This program does not use any option.

SEE ALSO

CERT® Security Improvement Modules (link to URL http://www.cert.org/security-improvement/)

The TITAN FAQ (link to URL http://www.fish.com/titan/FAQ.html)

AUTHOR

This manual page was written by Javier Fernandez-Sanguino Peña >jfs@computer.org< for the Debian system (but may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 any later version published by the Free Software Foundation.

On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.