[clug] Detecting malicious former employees

Michael Still mikal at stillhq.com
Tue Sep 12 03:53:44 GMT 2006


Edward Lang wrote:

> Mikal: thanks for the tip about the SSH authorized_keys file. Remote
> commands will work even with an invalid shell? How?

Ok, well I hadn't tested this, but was concerned. Now that I have tested 
it, ssh seems smart enough to not allow ssh / scp / command execution if 
you shell is set to /bin/false.

I stand corrected.

Mikal


More information about the linux mailing list