ALL


  SSH Security and You - /bin/false is *not* security

Backstory While at RIT around 2004 or 2005, I discovered that a few important machines at the datacenter allowed all students, faculty, and staff to authenticate against them via ssh. Everyone's shells appear to be set to /bin/false (or some derivative) on said machines, so the only thing you'll see after you authenticate is the login banner and your connection will close. I thought to myself, "Fine, no shell for me. I wonder if port forwarding works?" Seems reasonable, right? Whatever sysadmin was tasked with securing these machines forgot some...

13,752 0       LINUX SECURITY /BIN/FALSE SSH