Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSH with a nologin account
Top Forums UNIX for Dummies Questions & Answers SSH with a nologin account Post 302548537 by Corona688 on Thursday 18th of August 2011 04:28:20 PM
Old 08-18-2011
You can't login to ssh with an account set to nologin, no. That's kind of the point.

Actually now that I think of it you can install a utility called 'scponly', which is a special "shell" which will allow users to login for scp/sftp but won't permit them to login to a shell session. This would have the security advantages of nologin, but still let you check keys by logging in with scp.
 

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Shell account SSH Tunnelling?

What do I need to do to be able to connect to an IRC server from work? At work I'm behind a firewall that blocks all IRC connections on standard ports. I read that I could use a shell account and set something up (which I am searching what) that I could use to connect to and tunnel my... (4 Replies)
Discussion started by: KromiX
4 Replies

2. UNIX for Dummies Questions & Answers

need a stable proxy server or free ssh account to visit blocked sites, who can help?

In our country, blogspot.com, twitter.com facebook.com....and more excellent sites are blocked by the Goverment FireWall, who can help me ? thanks a lot for your kind. (2 Replies)
Discussion started by: shuke
2 Replies

3. UNIX for Dummies Questions & Answers

Creating FTP account using SSH (putty)?

Hello, : ) I have a remote access to the server that hosts my joomla, and it does not have cpanel. So I have to do everything manually. I need to have an FTP account to the httpdocs folder because I need to put these info in the config file of joomla (to allow file uploading ...etc) So,... (8 Replies)
Discussion started by: Hayatt
8 Replies

4. Cybersecurity

openssh_4.6 on Unixware 7.1.4 - ssh does not lock account after x attempts

Hi all, I am having some issues with openssh vers OpenSSH_4.6p1 on SCO unixware 7.1.4 when a user accesses the system via ssh and the password is incorrect and more attempts have been made that the lock out limit I find that although there are messages in the syslog the account does not lock... (0 Replies)
Discussion started by: chlawren
0 Replies

5. UNIX for Dummies Questions & Answers

ssh for different user account in a server configuration

Hi team, I am not able to configure the ssh settings for a UserA to do ssh or scp to the UserB in the same server , what could be the best way to do the ssh form UserA to UserB. I've generated the public key in UserA ~/.ssh and kept a copy of that in ~/.ssh of authorized_key of UserB . Still... (1 Reply)
Discussion started by: posix
1 Replies

6. Shell Programming and Scripting

Need help regarding user with nologin

Hi, Need one clarification.. If suppose, I have disabled the login to a particular user XXX, but not deleted the user. So the scripts which must be executed using the user XXX can still be executed using that user or is it not possible..? In our tasks, we are disabling the user XXX, and after... (1 Reply)
Discussion started by: Dpu
1 Replies

7. Red Hat

Su-only account with ssh capability and no interactive login

Hello experts, Is it possible to have an user account on RHEL 6.3 as a su-only account, but with ssh capability and no interactive login? Let me elaborate. Say, we have a cluster of 5 RHEL 6.3 servers and an user account (strmadmin) on each of the server as an su-only... (1 Reply)
Discussion started by: naveendronavall
1 Replies

8. UNIX for Beginners Questions & Answers

Allow AD service account SSH to Linux systems without 2FA

I have Windows AD server and all of the linux computers are joined to AD. Recently, 2FA has been activated, I wish to exclude some of the domain service accounts from 2FA # less /etc/pam_radius_acl.conf sshd:* # /etc/pam.d/sshd auth required pam_sepermit.so auth requisite... (0 Replies)
Discussion started by: davidpar007
0 Replies

LEARN ABOUT HPUX

pam_nologin

PAM_NOLOGIN(8)							 Linux-PAM Manual						    PAM_NOLOGIN(8)

NAME

       pam_nologin - Prevent non-root users from login

SYNOPSIS

       pam_nologin.so [file=/path/nologin] [successok]

DESCRIPTION

       pam_nologin is a PAM module that prevents users from logging into the system when /var/run/nologin or /etc/nologin exists. The contents of
       the file are displayed to the user. The pam_nologin module has no effect on the root user's ability to log in.

OPTIONS

       file=/path/nologin
	   Use this file instead the default /var/run/nologin or /etc/nologin.

       successok
	   Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE.

MODULE TYPES PROVIDED

       The auth and acct module types are provided.

RETURN VALUES

       PAM_AUTH_ERR
	   The user is not root and /etc/nologin exists, so the user is not permitted to log in.

       PAM_BUF_ERR
	   Memory buffer error.

       PAM_IGNORE
	   This is the default return value.

       PAM_SUCCESS
	   Success: either the user is root or the nologin file does not exist.

       PAM_USER_UNKNOWN
	   User not known to the underlying authentication module.

EXAMPLES

       The suggested usage for /etc/pam.d/login is:

	   auth  required  pam_nologin.so

NOTES

       In order to make this module effective, all login methods should be secured by it. It should be used as a required method listed before any
       sufficient methods in order to get standard Unix nologin semantics. Note, the use of successok module argument causes the module to return
       PAM_SUCCESS and as such would break such a configuration - failing sufficient modules would lead to a successful login because the nologin
       module succeeded.

SEE ALSO

       nologin(5), pam.conf(5), pam.d(5), pam(7)

AUTHOR

       pam_nologin was written by Michael K. Johnson <johnsonm@redhat.com>.

Linux-PAM Manual						    09/19/2013							    PAM_NOLOGIN(8)
All times are GMT -4. The time now is 11:11 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy