XK0-005 Question #664: Real Exam Question with Answer & Explanation

The correct answer is A: Creating the /etc/nologin file. {"question_number": 4, "question": "Prevent non-root SSH access to a Linux server.", "correct_answer": "A", "explanation": "When the file '/etc/nologin' exists, the PAM nologin module (pam_nologin.so) denies login to all users except root. The file's contents are typically displa

System Management

Question

Which of the following will prevent non-root SSH access to a Linux server?

Options

ACreating the /etc/nologin file
BCreating the /etc/nologin.allow file containing only a single line root
CCreating the /etc/nologin/login.deny file containing a single line +all
DEnsuring that /etc/pam.d/sshd includes account sufficient pam_nologin.so

Explanation

{"question_number": 4, "question": "Prevent non-root SSH access to a Linux server.", "correct_answer": "A", "explanation": "When the file '/etc/nologin' exists, the PAM nologin module (pam_nologin.so) denies login to all users except root. The file's contents are typically displayed as an error message to rejected users. This is the standard, built-in Unix/Linux mechanism for blocking non-root logins. '/etc/nologin.allow' and '/etc/nologin/login.deny' are not standard Linux files. Option D describes adding a PAM module manually, but pam_nologin.so is typically already configured in /etc/pam.d/sshd by default-simply creating /etc/nologin is sufficient.", "generated_by": "claude-sonnet", "llm_judge_score": 4}

Topics

#nologin file#SSH access#User Access Control#System Maintenance

Community Discussion

No community discussion yet for this question.

Full XK0-005 Practice Browse All XK0-005 Questions