Disallow shell access but not sftp?
Salmons, Michael
SalmonsM at missouri.edu
Tue Mar 2 15:18:14 UTC 2004
I was afraid that might be the answer. Thanks for the quick responses.
-----Original Message-----
From: redhat-list-admin at redhat.com [mailto:redhat-list-admin at redhat.com]
On Behalf Of Steve
Sent: Tuesday, March 02, 2004 2:16 PM
To: redhat-list at redhat.com
Subject: Re: Disallow shell access but not sftp?
This has come up before, but the simple answer is "you cant"
--
Steve.
On Tue, 2 Mar 2004, Salmons, Michael wrote:
> Hello,
>
> Does anyone know how one might disallow a user to logon to a secure
> shell but still allow them to make a secure login for ftp (sftp)? I
> want this person to have ftp access but not, specifically, have the
> ability to run passwd. I tried changing their shell to a variety of
> bogus filenames (/dev/null, /bin/ftponly, both as an empty file and as
> a symlink to /dev/null), and discovered at that point that sftp must
> allow an ssh login to work. I can't block in hosts.deny or allow
> because this user obtains an ip from the same dhcp pool we all do;
> denying by ip is no good.
>
> Any ideas?
>
> Thanks,
>
> Michael Salmons
> salmonsm at missouri.edu
>
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
More information about the redhat-list
mailing list