Provided by: titantools_4.0.11+notdfsg1-7_amd64 bug

NAME
       noshell — shell for administrative users that should never log in


DESCRIPTION
       noshell  is  a shell that can be assigned to system users which need to be active but should never log in
       to the system. noshell helps monitor attempts to access disabled accounts and logs this into syslog.

       If a user attempts to connect to the system through an administrative user that has a valid password  and
       uses noshell  as his shell, then the use of noshell will be logged, the connection will be terminated and
       the user will be unable to gain access to the host.

       After  connecting  the  login  program  might display the timestamp of the last loging. For example, in a
       remote connection:

              hostileuser@hostile_host% ssh -l adminuser remote_host

              adminuser@remote_host's password: *******

              (System's /etc/motd)

              Last login: Sat Nov 22 23:30:41 2003 from localhost

              Connection to remote_host closed.

       If the user is denied access, noshell will send a message to syslog using the LOG_AUTH facility. It  does
       not  provide  any indication of wether this connection attempt was local or remote, this information must
       be retrieved from other logs. In the above example the following would get recorded in /var/log/authlog:

              Nov 22 23:30:41 remote_host sshd[9950]: Accepted password for  adminuser  from  hostile_host  port
              44422 ssh2

              Nov 22 23:30:41 remote_host ssh(pam_unix)[9952]: session opened for user adminuser by (uid=1)

              Nov  22  23:30:41 remote_host noshell[9953]: Noshell warning: user adminuser login from a disabled
              shell

              Nov 22 23:30:41 remote_host ssh(pam_unix)[9952]: session closed for user adminuser

       In Debian, noshell is an alternative to the nologin shell, the latter is provided in the  login  package.
       The  main differences between them is that noshell will not provide any information of why the access has
       been denied.


OPTIONS
       This program does not use any option.


SEE ALSO
       shells(5), login(1), nologin(8).


AUTHOR
       This manual page was written by Javier Fernandez-Sanguino Peña <jfs@debian.org>  for  the  Debian  system
       (but may be used by others).  Permission is granted to copy, distribute and/or modify this document under
       the  terms  of the GNU General Public License, Version 2 any later version published by the Free Software
       Foundation.

       On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-
       licenses/GPL.

                                                                                                   TITANTOOLS(1)