[CentOS] vsftp vs shell logins

Sun Jan 29 21:44:39 UTC 2006
Alexander Dalloz <ad+lists at uni-x.org>

Am So, den 29.01.2006 schrieb techlist um 22:31:

> I need to be able to allow specific system accounts to ftp to a box.  As far 
> as I can tell I have to give them a shell in /etc/passwd (i.e. /bin/bash) in 
> order for their ftp login to work.  I do *not* however want them to be able 
> to log into a shell or ssh session.  I cannot restrict by IP.  What's the 
> best way to accomplish this?

> Scott

Pretty simple: don't give the FTP users a login shell. CentOS provides 2
styles of them: /bin/false and /sbin/nologin. Depending on the FTP
daemon you use you may need to add the not login shell as a valid shell
into /etc/shells; or configure the FTPd differently.


Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp 
Serendipity 22:42:44 up 56 days, 3:19, load average: 0.86, 0.79, 0.57 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://lists.centos.org/pipermail/centos/attachments/20060129/2c2222f6/attachment-0005.sig>