In message <Pine.NEB.4.62.0506091220100.18388@chris.i8u.org>, Hisashi T Fujinak
a writes:
>Hmm. Would /bin/false give you better feedback as to why the login is
>failing? I suppose no feedback is more secure, but I was debugging CVS
>and yeesh, what a mess.
>

Except in very special circumstances, giving no feedback rarely adds 
any noticeable amount of security.  Making services hard to debug hurts 
availability -- and availability is itself a component of security.

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb