29 Jan
2006
29 Jan
'06
11:44 p.m.
Am So, den 29.01.2006 schrieb techlist um 22:31:
I need to be able to allow specific system accounts to ftp to a box. As far as I can tell I have to give them a shell in /etc/passwd (i.e. /bin/bash) in order for their ftp login to work. I do *not* however want them to be able to log into a shell or ssh session. I cannot restrict by IP. What's the best way to accomplish this?
Scott
Pretty simple: don't give the FTP users a login shell. CentOS provides 2 styles of them: /bin/false and /sbin/nologin. Depending on the FTP daemon you use you may need to add the not login shell as a valid shell into /etc/shells; or configure the FTPd differently.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp
Serendipity 22:42:44 up 56 days, 3:19, load average: 0.86, 0.79, 0.57