Disallow shell access but not sftp?
Salmons, Michael
SalmonsM at missouri.edu
Tue Mar 2 14:51:32 UTC 2004
Hello,
Does anyone know how one might disallow a user to logon to a secure
shell but still allow them to make a secure login for ftp (sftp)? I want
this person to have ftp access but not, specifically, have the ability
to run passwd. I tried changing their shell to a variety of bogus
filenames (/dev/null, /bin/ftponly, both as an empty file and as a
symlink to /dev/null), and discovered at that point that sftp must allow
an ssh login to work. I can't block in hosts.deny or allow because this
user obtains an ip from the same dhcp pool we all do; denying by ip is
no good.
Any ideas?
Thanks,
Michael Salmons
salmonsm at missouri.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/redhat-list/attachments/20040302/60712c88/attachment.htm>
More information about the redhat-list
mailing list