I have:
WHM 6.4.2 Cpanel 6.4.2-R47 RedHat 7.3
In each package SSH is not enabled.
But after creation of the host-plan SSH is enabled.

I tried it on several servers.

It began some days back (2-3 days)
I think it began after last updating Cpanel.
( WHM 6.4.2 Cpanel 6.4.2-R47)

In WHM 6.4.2 Cpanel 6.4.2-R5 this problem was not.

Can't you just disable shell access globally?

Yes, I have disabled it in /etc/profiles
It is authorized only for root

How did you do that?

In /etc/passwd all my users have "noshell" access. But I'm curious as to what you did in /etc/profile. Just want to learn more...

"/etc/profile"


if [ "$LIMITUSER" != "root" ]; then

echo "Sorry $LIMITUSER, the system not support terminal access."
exit 1

fi

I don't allow direct root login, so mine would be?:

if [ "$LIMITUSER" != "root" || "$LIMITUSER" != "admin" ]; then

echo "Sorry $LIMITUSER, the system does not support terminal access."
exit 1

fi

So where is LIMITUSER defined?
Is it a system variable?
How can I find what system variables are available?

Sorry for all the ????'s.

Sorry. I have not specified more in detail.
My script is changed Cpanel:

-=cut=-

#cPanel Added Limit Protections -- BEGIN

#unlimit so we can run the whoami
ulimit -n 4096 -u 14335 -m unlimited -d unlimited -s 8192 -c 1000000 -v unlimited 2>/dev/null


LIMITUSER=$USER
if [ -e "/usr/bin/whoami" ]; then
LIMITUSER=`/usr/bin/whoami`
fi
if [ "$LIMITUSER" != "root" ]; then

echo "Sorry $LIMITUSER, the system not support terminal access."
exit 1

ulimit -n 100 -u 20 -m 200000 -d 200000 -s 8192 -c 200000 -v 200000 2>/dev/null

else
ulimit -n 4096 -u 14335 -m unlimited -d unlimited -s 8192 -c 1000000 -v unlimited 2>/dev/null
fi
#cPanel Added Limit Protections -- END

-=cut=-



Under the standard Linux, you can look variable $LOGNAME
It is standard internal variable in Shell.

Or to receive a name of the current user by the command:
LOGNAME=`/usr/bin/whoami`

Thanks, very interesting.