And is there a way to get around this requirement?
I am trying to set up a service that will provide an SSH tunnel. It
basically just needs to run:
ssh -NT -L 8080:localhost:80 tunnel@remote
I have created a "tunnel" user on both the local and remote systems for
this purpose. On the remote system, the tunnel user's shell is set to /bin/true, and this doesn't cause any problems (thanks to the -N
parameter).
However, I've found that SSH doesn't work if the *local* tunnel user
doesn't have a working shell. For example, if I set the local tunnel
user's shell to /sbin/nologin, the connection fails with the following
message.
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: ssh_exchange_identification: This account is currently not
available.
ssh_exchange_identification: Connection closed by remote host
"tunnel" is a service account, so it really shouldn't have a shell.
Why is SSH trying to run the *local* user's shell, and is there a way to
change this behavior?
--
========================================================================
Ian Pilcher
arequipeno@gmail.com -------- "I grew up before Mark Zuckerberg invented friendship" -------- ========================================================================
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)