[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Disallow shell access but not sftp?



This has come up before, but the simple answer is "you cant"

-- 
Steve.

On Tue, 2 Mar 2004, Salmons, Michael wrote:

> Hello,
>  
> Does anyone know how one might disallow a user to logon to a secure
> shell but still allow them to make a secure login for ftp (sftp)? I want
> this person to have ftp access but not, specifically, have the ability
> to run passwd. I tried changing their shell to a variety of bogus
> filenames (/dev/null, /bin/ftponly, both as an empty file and as a
> symlink to /dev/null), and discovered at that point that sftp must allow
> an ssh login to work. I can't block in hosts.deny or allow because this
> user obtains an ip from the same dhcp pool we all do; denying by ip is
> no good.
>  
> Any ideas?
>  
> Thanks,
>  
> Michael Salmons
> salmonsm missouri edu
> 




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]