I know this has come up before and I even saw a patch from Niklas
Edmundsson for 2.1.1p2 (see
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=96316919430887&w=2 )
I had the (mis)fortune recently of realizing that if PAM is defined,
/etc/nologin is not honored. session.c tells me that pam_nologin is
supposed to take care of this, and that's nice, except that it's a
Linux Thing. It doesn't exist on the platform I'm using (Solaris).
I really don't like local hacks and I'm sure there are other Solaris
people out there who aren't too happy about this situation... how can
this be remedied (other than undefining PAM, of course)?
And finally, thanks for the great software, developers. You make all our
work that much more secure :-)
