techlist wrote: > I need to be able to allow specific system accounts to ftp to a box. As > far as I can tell I have to give them a shell in /etc/passwd (i.e. > /bin/bash) in order for their ftp login to work. I do *not* however > want them to be able to log into a shell or ssh session. I cannot > restrict by IP. What's the best way to accomplish this? You can edit your /etc/pam.d/vsftpd and comment/remove pam_shells.so, something like: #auth required pam_shells.so This will allow the login without shell access. -- Alin Osan