More secure: check_shell=NO or /bin/false in /etc/shells?
I have an ftp server set up at my school for the sole purpose of holding drive images to use with g4u. The only remote access allowed is thru vsftpd, by a single user whose shell is /bin/false. Since /bin/false is not recognized as a valid shell on this system, I set check_shell=NO in vsftpd.conf. Not like it's a matter of high security or anything, but I was wondering which would be more secure, or if it made a difference: having check_shell=NO in /etc/vsftpd.conf, or listing /bin/false in /etc/shells?
|