Re: openssh: Enabling sftp, but disabling ssh?

---

• From: Coleman Kane <cokane@xxxxxxxxxx>
• Date: Tue, 5 Sep 2006 20:12:54 +0000

---

On Tue, Sep 05, 2006 at 09:46:26AM -0700, Patrick Morris wrote, and it was proclaimed:

Does anybody know if it's possible, using openssh, to allow
file transfer to/from a machine, using sftp, for a specific
userid, and disallow ssh login/remote command execution for
that same userid? Other userids on the machine should be unaffected.

You should be able to set the user to an invalid shell (as long as it's
listed in /etc/shells).

Due to how SSH handles logins for sftp and scp services, this approach
tends not to work (however it is viable for IMAP/FTP-only accounts).

--
Coleman Kane

---

• References:
  • openssh: Enabling sftp, but disabling ssh?
    • From: Mark Holden
  • RE: openssh: Enabling sftp, but disabling ssh?
    • From: Patrick Morris

• Prev by Date: Re: openssh: Enabling sftp, but disabling ssh?
• Next by Date: RE: openssh: Enabling sftp, but disabling ssh?
• Previous by thread: RE: openssh: Enabling sftp, but disabling ssh?
• Next by thread: RE: openssh: Enabling sftp, but disabling ssh?
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > Secure_Shell  > 2006-09