Man Linux: Main Page and Category List

NAME

       noshell — shell for administrative users that should never log in

DESCRIPTION

       noshell  is  a shell that can be used for system users which need to be
       active but should never be used  to  log  in  to  the  system.  noshell
       monitors  attempts  to  access  disabled  accounts  and  logs this into
       syslog.

       If a user attempts to connect to the system through  an  administrative
       user  that  has  a valid password the connection will be terminated and
       the user will be unable to gain access to the host.

       After connecting the login program might display the timestamp  of  the
       last loging. For example, in a remote connection:

              hostileuser@hostile_host% ssh -l adminuser remote_host

              adminuser@remote_host’s password: *******

              (System’s /etc/motd)

              Last login: Sat Nov 22 23:30:41 2003 from localhost

              Connection to remote_host closed.

       If  the  user  is  denied access, noshell will send a message to syslog
       using the LOG_AUTH facility. It does  not  provide  any  indication  of
       wether  this  connection  attempt was local or remote, this information
       must be retrieved by other systems. In the above example the  following
       would get recorded in /var/log/authlog:

              Nov  22  23:30:41  remote_host sshd[9950]: Accepted password for
              adinuser from hostile_host port 44422 ssh2

              Nov 22 23:30:41 remote_host ssh(pam_unix)[9952]: session  opened
              for user adminuser by (uid=1)

              Nov 22 23:30:41 remote_host noshell[9953]: Noshell warning: user
              adminuser login from a disabled shell

              Nov 22 23:30:41 remote_host ssh(pam_unix)[9952]: session  closed
              for user adminuser

OPTIONS

       This program does not use any option.

SEE ALSO

       CERT     Security     Improvement     Modules     (link     to     URL
       http://www.cert.org/security-improvement/)

       The TITAN FAQ (link to URL http://www.trouble.org/titan/FAQ.html)

AUTHOR

       This  manual  page  was  written  by  Javier  Fernandez-Sanguino   Peña
       <jfs@computer.org>  for  the Debian system (but may be used by others).
       Permission is granted to copy, distribute and/or modify  this  document
       under  the terms of the GNU General Public License, Version 2 any later
       version published by the Free Software Foundation.

       On Debian systems, the complete text of the GNU General Public  License
       can be found in /usr/share/common-licenses/GPL.

                                                                 TITANTOOLS(1)