https://bugzilla.mindrot.org/show_bug.cgi?id=3142
--- Comment #8 from Tetsuo Handa <[email protected]> --- (For the record) Although Apache's login shell is /sbin/nologin , it is meant not to allow shell login. Apache's CGI program is given freedom to use arbitrary executable specified in the CGI program (i.e. not only restricted shells but /bin/bash and perl and python). Therefore, for processes invoked from CGI, it is an unexpected behavior that /usr/bin/ssh uses /sbin/nologin for interpreting ProxyCommand. But since CGI program can also set SHELL environment variable, setting SHELL environment variable is the correct approach for preventing /usr/bin/ssh from using /sbin/nologin . -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
