Disallow shell access but not sftp?
Steve
steve at focb.co.nz
Tue Mar 2 15:09:15 UTC 2004
This has come up before, but the simple answer is "you cant"
--
Steve.
On Tue, 2 Mar 2004, Salmons, Michael wrote:
> Hello,
>
> Does anyone know how one might disallow a user to logon to a secure
> shell but still allow them to make a secure login for ftp (sftp)? I want
> this person to have ftp access but not, specifically, have the ability
> to run passwd. I tried changing their shell to a variety of bogus
> filenames (/dev/null, /bin/ftponly, both as an empty file and as a
> symlink to /dev/null), and discovered at that point that sftp must allow
> an ssh login to work. I can't block in hosts.deny or allow because this
> user obtains an ip from the same dhcp pool we all do; denying by ip is
> no good.
>
> Any ideas?
>
> Thanks,
>
> Michael Salmons
> salmonsm at missouri.edu
>
More information about the redhat-list
mailing list