Re: Disallow logins, but allow ftp?

• Next message: Nico Kadel-Garcia: "Re: User SFTP Directory under win2000 server"
• Previous message: Alex Walker: "Get Involved - 16th Systems Administration Conference (LISA 2002)"
• In reply to: Jeff Shipman - SysProg: "Re: Disallow logins, but allow ftp?"
• Next in thread: Daniel Tiefnig: "Re: Disallow logins, but allow ftp?"
• Reply: Daniel Tiefnig: "Re: Disallow logins, but allow ftp?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Anon <Anon@god.com>
Date: Wed, 24 Apr 2002 02:10:59 GMT

yeah, int /etc/passwd:
replace /bin/bash with /bin/false
 (this runs false instead of the shell)
it could be /bin/bash or /bin/sh or whatever, its at the end of the
line, youll see it.
users can still use ftp (as the shell is never ran)...
one problem ive seen: proftp seems to need /bin/bash there (dont know
why, it doesnt use it)
there are still ways around that (little more complicated though)

                                            hope this helps someone,

--just a random guy

Jeff Shipman - SysProg wrote:

> Does anybody have any tips for this?
>
> Jeff Shipman - SysProg wrote:
>
> > We have a machine that we would like to disallow
> > ssh logins, but allow sftp connections. Is there
> > a way to do this?
> >
> > One word about our system:
> >
> > Some people are allowed to login to the machine
> > (through the console) and they have valid shells.
> > However, all other users have their shell set
> > to a shell that simply displays the fact that they
> > cannot login and logs the user out.
> >
> > I'm not sure how that will affect how this can
> > be done. Any help would be greatly appreciated.
> >
> > Thanks,
> >
>
> --
> Jeff Shipman E-Mail: jeff@nmt.edu
> Systems Programmer Phone: (505) 835-5748
> NMIMT Computer Center http://www.nmt.edu/~jeff

• Next message: Nico Kadel-Garcia: "Re: User SFTP Directory under win2000 server"
• Previous message: Alex Walker: "Get Involved - 16th Systems Administration Conference (LISA 2002)"
• In reply to: Jeff Shipman - SysProg: "Re: Disallow logins, but allow ftp?"
• Next in thread: Daniel Tiefnig: "Re: Disallow logins, but allow ftp?"
• Reply: Daniel Tiefnig: "Re: Disallow logins, but allow ftp?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: SSH Tunneling without console login ... > that the command will also login onto PC2. ... > not give a shell prompt, ... I only need SSH ... > tunneling purposes, i login to the remote server ... (SSH) Environment Poisoning and login -p ... login -p can be used to propagate environment flags ... in order to trojan the user shell of the target account. ... I will note that in -CURRENT, both "nologin" and /bin/sh ... (FreeBSD-Security) Re: $PATH and /etc/profile ... If you run startx ... >> starting X from a login shell. ... > to detach from the console and allow you to continue working on the ... how to propery setup their shell environment. ... (Debian-User) Re: change $PATH system-wide? ... Xsession script uses /bin/sh and does not know what shell you will be ... To set PATH at the graphical login you should put it in your ... environment scripts or a bug with the selected window manager. ... (Debian-User) Re: xsession file ... The login managersxdm and kdm do not run a login shell, so .profile, ... In that xsession file load *the same shell* as your ... (Debian-User)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint