login is the program called by a terminal or a telnet session or getty and
telnetd respectively. Login authenticates user access for the daemon in
which you are connecting (terminal or telnet).

The file /etc/securetty lists the names of the ttys where root is allowed
to log in. One name of a tty device without the /dev/ prefix must be
specified on each  line. If the file does not exist, root is allowed to
log in on any tty.

If the file .hushlogin exists, then a "quiet" login is performed (this
disables the checking of mail and the printing of the last login time and
message of the day). Otherwise, if /var/log/lastlog exists, the last login
time is printed (and the current login is recorded).

If the file /etc/nologin exists, logins are disabled. That file is typically
created by shutdown and relatives. login checks for this file, and will
refuse to accept a login if it exists. If it does exist, login outputs its
contents to the terminal before it quits.

The best way to disable an account is to change its shell into a special
program that just prints a message. This way, whoever tries to log into
the account, will fail, and will know why. The message can tell the user
to contact the system administrator so that any problems may be dealt with.

--------------------------------------------------------------------------------

For BusyBox and other small appliance targeted Linux installations, login
will sometimes be a SHell script with no authentication. This shell script
can be reqplaced by a small authentication application known as "tinylogin".
	http://tinylogin.busybox.net/