nologin not working with openssh >= 4.3 and authentication != password

Michael Weiser michael at weiser.dinsnail.net
Sat Jan 6 03:59:12 EST 2007


Hi developers,

today I tried to disable logins to an ssh server by putting a nologin
file into /etc. This only worked for logins that use the password
authentication mechanism. publickey-based authentications still
succeeded and the users were allowed into the system. This seems
straightforward to me since openssh 4.3 disabled the evaluation of
/etc/nologin in favour of pam_nologin but doesn't use PAM for anything
other than password-based logins, does it?

Is this a known issue or even a non-issue due to a misunderstanding on
my part?
-- 
Thanks in advance,
bye, Michael


More information about the openssh-unix-dev mailing list