--
----
Andrea Crisanti Tel. : +39-6-4991 3431
Department of Physics Fax : +39-6-4463158
University of Rome "La Sapienza" E-mail :
krisanti_at_castore.phys.uniroma1.it
P.le A. Moro 2
I-00185 Rome
Hy,
I would like to thank all who answer my question:
I would like to have some usernames which can login only via ftp.
Here is the summary.
Bye
Andrea
---------------------
From: Arrigo Triulzi <arrigo_at_albourne.com>
You can do it by setting their shells to
/usr/bin/true
and adding /usr/bin/true to /etc/shells. They can then FTP, read
e-mail via POP, etc. but cannot get a shell prompt (as /usr/bin/true
just exits).
Arrigo
--------------------
From: Brian Hostetter <brianh_at_netins.net>
Make them a new shell. I user /etc/ftponly. Then change their
shell to have this be their default, with chsh. Then when they try to
telnet in they will get auto logged off. But they can still ftp.
--Brian
-------------------
From: "Nestor Ruiz" <nruiz_at_hermes.bvl.com.pe>
Those users must be not declared on /etc/ftpusers but MUST have
/bin/true or /bin/false as shell in /etc/passwd (to don't allow to use telnet)
AND the shell (either /bin/true or /bin/false) MUST be declared in /etc/shells
in order to allow the user log in via ftp.
Nestor Ruiz
Soporte Tecnico - ELEX
--------------------
From: "Jim R Jones" <Jim_R_Jones_at_notesbridge.cummins.com>
Just set /bin/false as the shell and they will not be able to login, but
ftp should work for them.
jim jones
---------------
From: Richard Rogers <R.M.Rogers_at_staffs.ac.uk>
You could specify a shell in /etc/passwd that doesn't permit the user to do
anything (eg /bin/false). If you do that, you'll need to make sure you enter
it into /etc/shells, as ftp won't allow connections from users whose shells
don't appear there.
Richard
-----------------------------------
From: Gyula Szokoly <szgyula_at_tarkus.pha.jhu.edu>
Set the login shell to /bin/true and put it (/bin/true) into /etc/shells.
This way they can't log in. They still have pop, imap, etc access.
Gyula
---------------------------
From: "Degerness, Mandell ITSD:EX" <Mandell.Degerness_at_gems2.gov.bc.ca>
What I did was to set up a C program called paslog which just invokes the
passwd command. I then make this the shell for the user and put the paslog
command into /etc/shells. I can send you the source code if it would help.
Thus, the user is able to do ftp (because the shell is in /etc/shells), but
when they telnet, they only get the password change prompts.
Regards,
Mandell Degerness
----------------
From: Caine the Wanderer <ctflist_at_jane.penn.com>
One way to do this is to add a shell in /etc/shells that goes to
/dev/null. This will let you do FTP, but should keep people from
telnetting in. You could also do something like this with TCP wrappers.
Cliff
-------------------
From: "ing.Bubulac Angela Tatiana" <tatia_at_alpha1.infim.ro>
I do not know if it is the answer that you are expect it.
The ftpd security file rejects remote logins to local user accounts
specified in /etc/ftpusers. Restricted accounts must match exactly with
those in /etc/passwd file and appear one to a line.
good luck!
------------
From: "Burelbach, Jonathan" <JBurelbach_at_feddata.com>
use tcp_wrappers or wu-ftpd
Jonathan Burelbach
Sr. Systems Engineer
FDC Technologies, Inc.
jburelbach_at_feddata.com
Received on Wed Jul 22 1998 - 13:39:05 NZST