Mike Leone on 23 Apr 2010 07:20:58 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] More advice on shell scripting and basic admin configurations


Claude M. Schrader had this to say:
> On 17:12 Thu 22 Apr     , Michael Leone wrote:
>> So I've figured out to edit /etc/password to change the user shell to
>> /bin/false; this stops the user from being able to telnet in. And I
>> can change the home folder there, too. Just have to remember to do
>> that for all new users.
> 
> 
> Telnet isn't disabled completely?

It is. The point is (generically) that if a user was able to telnet (or 
SSH) in, they could then go into other user's home directories, since by 
default the directories were created world-readable. In my case, I will 
set the shell to /bin/false, so they can't login in any way that gives 
them shell access (telnet, SSH, whatever).


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug