Bug#1021613: systemd: generates too much log for ssh connection
Michael Biebl
biebl at debian.org
Wed Oct 12 13:43:06 BST 2022
Am 12.10.22 um 14:22 schrieb Vincent Lefevre:
> On 2022-10-12 13:42:55 +0200, Michael Biebl wrote:
>> Am 12.10.22 um 13:15 schrieb Vincent Lefevre:
>>> On 2022-10-12 11:39:40 +0200, Michael Biebl wrote:
>>>> What you see here is expected behaviour:
>>>> Your login via SSH is apparently done via PAM, which triggers the start of a
>>>> systemd --user instance (with all that it entails). And systemd dutifully
>>>> logs everything when setting up that user instance (and tearing it down
>>>> again on log out).
>>>
>>> Well, the account was created by adduser with the --disabled-login
>>> option. So I wonder why a systemd --user instance is started.
>>
>> disabled-login means disabled password. You can still log in as that user
>> via other means (su, sudo, SSH keys).
>> Which mechanism do you use?
>
> No, you are confusing with --disabled-password:
>
> --disabled-password
> Like --disabled-login, but logins are still possible (for example
> using SSH keys) but not using password authentication.
>
> I really used --disabled-login. But the man page is really unclear.
> The intent was to allow SSH connections, but "full" logins (with
> additional services such as provided by systemd) are not necessary.
Apparently you can still use su, sudo etc with --disabled-login. So I
wonder if there is a real difference in practice to --disabled-password.
In any case, apparently a "login" under that user has happened (via SSH
I assume). Otherwise pam_systemd.so and `systemd --user` wouldn't have
been triggered.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20221012/02b36770/attachment.sig>
More information about the Pkg-systemd-maintainers
mailing list