From owner-freebsd-isp Wed Dec 20 11:29:46 2000 From owner-freebsd-isp@FreeBSD.ORG Wed Dec 20 11:29:40 2000 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from marius.org (marius.org [216.88.115.170]) by hub.freebsd.org (Postfix) with ESMTP id 2186137B402 for ; Wed, 20 Dec 2000 11:29:32 -0800 (PST) Received: (from marius@localhost) by marius.org (8.11.0/8.11.0) id eBKJTMY48154; Wed, 20 Dec 2000 13:29:22 -0600 (CST) Date: Wed, 20 Dec 2000 13:29:21 -0600 From: Marius Strom To: bv@wjv.com Cc: freebsd-isp@FreeBSD.ORG Subject: Re: FTP access without shell Message-ID: <20001220132921.T31301@marius.org> Mail-Followup-To: bv@wjv.com, freebsd-isp@FreeBSD.ORG References: <20001220141227.B34077@wjv.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001220141227.B34077@wjv.com>; from bill@wjv.com on Wed, Dec 20, 2000 at 02:12:28PM -0500 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Another typical practice is to use both /bin/true and /bin/false. You put /bin/true in your shells, and give /bin/true to all users who want ftp access, and /bin/false those you don't. This way, you can create non-interactive and non-ftp accounts for things such as email only accounts. On Wed, Dec 20, 2000 at 02:12:28PM -0500, Bill Vermillion wrote: > On Wed, Dec 20, 2000 at 01:30:07PM -0500, David Lawson thus spoke: > > > I'm trying to give a user ftp access but not shell access when I > > set their shell to /sbin/nologin ftp says access denied but if it > > is set to a working shell ftp is fine. > > I use /bin/false - a habit from a long time ago, and just > added that to the /etc/shells. I then also put their entry > into /etc/ftpchroot and all seems to work just fine. > > > -- > Bill Vermillion - bv @ wjv . com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message -- Marius Strom Professional Geek/Unix System Administrator URL: http://www.marius.org http://www.marius.org/marius.pgp 0x55DE53E4 "Never underestimate the bandwidth of a mini-van full of DLT tapes traveling down the highway at 65 miles per hour..." -Andrew Tanenbaum, "Computer Networks" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message