Date: Thu, 27 Jan 2000 00:22:03 -0800 From: The Mad Scientist <madscientist@thegrid.net> To: Marc SCHAEFER <schaefer@alphanet.ch> Cc: freebsd-security@freebsd.org Subject: Re: sshd and pop/ftponly users incorrect configuration Message-ID: <4.1.20000127001817.00938470@mail.thegrid.net> In-Reply-To: <Pine.LNX.4.10.10001251128120.14396-100000@vulcan.alphanet.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
At 11:30 AM 1/25/00 +0100, you wrote: >NAME > sshd-restricted-users-incorrect-configuration > >AUTHOR > Marc SCHAEFER <schaefer@alphanet.ch> > Andreas Trottmann <andreas.trottmann@werft22.com> <chomp> >IMMUNE CONFIGURATIONS > You are immune to this problem if one (or more) of the following > is true: > > - the group(s) where those users belong to is listed in > /etc/ssh/sshd_config or equivalent configuration file as > DenyGroups group1 group2 # etc > (this is the recommended setup) > > - no user which has an account hasn't a shell (he will be able > to do the above, except the root@ IDENT, anyway, if he has a shell) This line is a little confusing to me. Do you mean every user with an account has no shell? What do you mean by account? (pop?) And who is 'he'? -Dean To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.20000127001817.00938470>