Am 12.10.22 um 14:22 schrieb Vincent Lefevre:
On 2022-10-12 13:42:55 +0200, Michael Biebl wrote:
Am 12.10.22 um 13:15 schrieb Vincent Lefevre:
On 2022-10-12 11:39:40 +0200, Michael Biebl wrote:
What you see here is expected behaviour:
Your login via SSH is apparently done via PAM, which triggers the start of a
systemd --user instance (with all that it entails). And systemd dutifully
logs everything when setting up that user instance (and tearing it down
again on log out).

Well, the account was created by adduser with the --disabled-login
option. So I wonder why a systemd --user instance is started.

disabled-login means disabled password. You can still log in as that user
via other means (su, sudo, SSH keys).
Which mechanism do you use?

No, you are confusing with --disabled-password:

   --disabled-password
       Like --disabled-login, but logins are still possible (for example
       using SSH keys) but not using password authentication.

I really used --disabled-login. But the man page is really unclear.
The intent was to allow SSH connections, but "full" logins (with
additional services such as provided by systemd) are not necessary.

Apparently you can still use su, sudo etc with --disabled-login. So I wonder if there is a real difference in practice to --disabled-password.

In any case, apparently a "login" under that user has happened (via SSH I assume). Otherwise pam_systemd.so and `systemd --user` wouldn't have been triggered.

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply via email to