08-18-2011
SSH with a nologin account
Is it possible to SSH with an account that has its shell set to /sbin/nologin?
The reason I ask is because I am running an instance of nagios where I need to use SSH keys to run a check, but I am getting connect errors in Nagios. Also, what is the risk I run into if I just simply change my nagios user's shell from nolgin to /sbin/bash
is this not recommended?
Thanks
8 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
What do I need to do to be able to connect to an IRC server from work?
At work I'm behind a firewall that blocks all IRC connections on standard ports.
I read that I could use a shell account and set something up (which I am searching what) that I could use to connect to and tunnel my... (4 Replies)
Discussion started by: KromiX
4 Replies
2. UNIX for Dummies Questions & Answers
In our country, blogspot.com, twitter.com facebook.com....and more excellent sites are blocked by the Goverment FireWall, who can help me ? thanks a lot for your kind. (2 Replies)
Discussion started by: shuke
2 Replies
3. UNIX for Dummies Questions & Answers
Hello, : )
I have a remote access to the server that hosts my joomla, and it does not have cpanel.
So I have to do everything manually.
I need to have an FTP account to the httpdocs folder because I need to put these info in the config file of joomla (to allow file uploading ...etc)
So,... (8 Replies)
Discussion started by: Hayatt
8 Replies
4. Cybersecurity
Hi all,
I am having some issues with openssh vers OpenSSH_4.6p1 on SCO unixware 7.1.4
when a user accesses the system via ssh and the password is incorrect and more attempts have been made that the lock out limit I find that although there are messages in the syslog the account does not lock... (0 Replies)
Discussion started by: chlawren
0 Replies
5. UNIX for Dummies Questions & Answers
Hi team,
I am not able to configure the ssh settings for a UserA to do ssh or scp to the UserB in the same server , what could be the best way to do the ssh form UserA to UserB.
I've generated the public key in UserA ~/.ssh and kept a copy of that in ~/.ssh of authorized_key of UserB . Still... (1 Reply)
Discussion started by: posix
1 Replies
6. Shell Programming and Scripting
Hi,
Need one clarification..
If suppose, I have disabled the login to a particular user XXX, but not deleted the user.
So the scripts which must be executed using the user XXX can still be executed using that user or is it not possible..?
In our tasks, we are disabling the user XXX, and after... (1 Reply)
Discussion started by: Dpu
1 Replies
7. Red Hat
Hello experts,
Is it possible to have an user account on RHEL 6.3 as a su-only account, but with ssh capability and no interactive login? Let me elaborate.
Say, we have a cluster of 5 RHEL 6.3 servers and an user account (strmadmin) on each of the server as an su-only... (1 Reply)
Discussion started by: naveendronavall
1 Replies
8. UNIX for Beginners Questions & Answers
I have Windows AD server and all of the linux computers are joined to AD.
Recently, 2FA has been activated, I wish to exclude some of the domain service accounts from 2FA
# less /etc/pam_radius_acl.conf
sshd:*
# /etc/pam.d/sshd
auth required pam_sepermit.so
auth requisite... (0 Replies)
Discussion started by: davidpar007
0 Replies
LEARN ABOUT MOJAVE
nologin
NOLOGIN(5) BSD File Formats Manual NOLOGIN(5)
NAME
nologin -- disallow logins
DESCRIPTION
Programs such as login(1) disallow logins if the nologin file exists. The programs display the contents of nologin to the user if possible
and interrupt the login sequence. This makes it simple to temporarily prevent incoming logins systemwide.
To disable logins on a per-account basis, investigate nologin(8).
SECURITY
The nologin file is ignored for user root by default.
IMPLEMENTATION NOTES
The nologin feature is implemented through login.conf(5), which allows to change the pathname of the file and to extend the list of users
exempt from temporary login restriction.
PAM-aware programs can be selectively configured to respect nologin using the pam_nologin(8) module via pam.conf(5).
The nologin file will be removed at system boot if it resides in /var/run and cleanvar_enable is set to ``YES'' in rc.conf(5), which is
default. Therefore system reboot can effectively re-enable logins.
FILES
/var/run/nologin default location of nologin
SEE ALSO
login(1), login.conf(5), pam.conf(5), rc.conf(5), nologin(8), pam_nologin(8), shutdown(8)
BSD
May 10, 2007 BSD