ftp and /bin/false
Bazooka Joe
fastfish at gmail.com
Fri Nov 14 19:16:54 UTC 2008
On Fri, Nov 14, 2008 at 11:09 AM, Rick Stevens <ricks at nerd.com> wrote:
> Bazooka Joe wrote:
>>
>> I just migrated from fc4 to the latest cent.
>>
>> in fc4 i used /bin/false for users that I only wanted ftp access and no
>> shell.
>>
>> That doesn't work in cent - I have to give them a shell to ftp.
>>
>> How do I change it so /bin/false can ftp only in cent like it was in fc?
>>
>> -bazooka
>>
>> I know this is a cent question but I didn't get any love from that list.
>
> The correct shell to give those users is "/sbin/nologin", not
> "/bin/false". Note also that the shell FTP users are given must be
> listed in the "/etc/shells" file or they won't be allowed to log in--
> even just for FTP.
>
> On CentOS 5, for example, /etc/shells contains:
>
> /bin/sh
> /bin/bash
> /sbin/nologin
> /bin/tcsh
> /bin/csh
>
> and the anonymous FTP user has this entry in /etc/passwd:
>
> ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
>
> so the anonymous FTP user has "/sbin/nologin" for his shell and that
> is also listed in /etc/shells.
> ----------------------------------------------------------------------
> - Rick Stevens, Systems Engineer ricks at nerd.com -
> - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
> - -
> - Never try to outstubborn a cat. -
> ----------------------------------------------------------------------
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
>
Thx that was what I was looking for.
More information about the fedora-list
mailing list