Interesting, I never really considered the implications of ssh + /bin/false.
Creepy users are generally a product of the concept of 'daemons', eg system-level workings that do not require root (so they do not get it). The numbers are basically arbitrary up until a particular group or user id is granted read/write access to otherwise privileged areas of the file system or memory. Those users exist for specific purposes relating to sundry functionality under the hood.
To my knowledge, none have passwords however, and without a password one cannot log in to them without first being root basically.
If you dump the password database and discover that some *do* have passwords, then things might get interesting, because it would not be unreasonable to assume that the password is static across multiple systems... Unlikely tho.
Threaded Mode
