Another point to remember: If you use /bin/false and it's dynamically linked (which it probably is), then you MUST make sure that you have PermitUserEnvironment set to "no" -- otherwise people can LD_PRELOAD their way in.
JFTR PermitUserEnvironment is nowadays per default disabled. You should also make sure that AcceptEnv is sane (e.g. just accept LC_* and LANG)
But even if you use a static linked /bin/false you must make sure that you disable PermitUserEnvironment as sh(1) is executed if ~/.ssh/rc exists and sh is typically dynamically linked
It's disabled by default on most systems, but I wouldn't want to assume that Crazy Chimpanzee Linux doesn't do something stupid, or that no sysadmin flips that option on without understanding the consequences.
