how to detect (and kill) tunnel-only ssh connections?

Tue Oct 13 15:22:10 EDT 2009

On Oct 13, 2009, at 2:19 PM, John Abreau wrote:

> The question is whether the OpenBSD user expiration merely
> disables the user account, or actually deletes it.  This thread
> seems to be asuming the user is deleted and not just disabled.

I didn't.  The OP specifically wrote:

>>> hostA for tunneling purposes even if the user's shell on hostA is  
>>> set to nologin (or /bin/false, etc).  As there is no shell or  
>>> command running,

The password file entry exists.  The account is locked; it is not  
deleted.  The simple solution is to look for any processes owned by  
that user and kill them.

--Rich P.