From owner-freebsd-questions  Thu Aug 26 11: 6:15 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from mobil.surnet.ru (mobil.surnet.ru [195.54.2.7])
	by hub.freebsd.org (Postfix) with ESMTP id C61D515F41
	for <Freebsd-questions@FreeBSD.ORG>; Thu, 26 Aug 1999 11:06:08 -0700 (PDT)
	(envelope-from ilia@cgilh.chel.su)
Received: (from uucgilh@localhost)
	by mobil.surnet.ru (8.9.1a/8.9.1) with UUCP id XAA16436;
	Thu, 26 Aug 1999 23:59:26 +0600 (UDT)
Received: (from uucp@localhost)
	by cgilh.chel.su (8.8.7/8.8.7) with UUCP id WAA00918;
	Thu, 26 Aug 1999 22:53:17 +0600
Received: from localhost (ilia@localhost)
	by localhost.cgu.chel.su (8.9.2/8.9.2) with ESMTP id WAA00625;
	Thu, 26 Aug 1999 22:51:50 +0600 (ESS)
	(envelope-from ilia@cgilh.chel.su)
X-Authentication-Warning: localhost.cgu.chel.su: ilia owned process doing -bs
Date: Thu, 26 Aug 1999 22:51:50 +0600 (ESS)
From: Ilia Chipitsine <ilia@cgilh.chel.su>
X-Sender: ilia@localhost.cgu.chel.su
To: Francisco Reyes <freyes@inch.com>
Cc: FreeBSD <Freebsd-questions@FreeBSD.ORG>,
	Langa Kentane <evablunted@earthling.net>
Subject: Re: Disabling a user account
In-Reply-To: <199908261159.HAA11346@arutam.inch.com>
Message-ID: <Pine.BSF.4.05.9908262249470.348-100000@localhost.cgu.chel.su>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=koi8-r
Content-Transfer-Encoding: 8BIT
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

you could disable ftp/pop3/stuff (which stuff ?!) by changing
user's shell with /sbin/nologin

I'd suggest you to change user's password (using vipw)
with "*", what means that any kind of login is disallowed.
Howerer, you should store original password field somewhere.

Regards, (Наилучшие пожелания)

 Ilia Chipitsine (Илья Шипицин)

On Thu, 26 Aug 1999, Francisco Reyes wrote:

> On Thu, 26 Aug 1999 11:17:50 +0200, Langa Kentane wrote:
> 
> >I want to deny a certain user access to my server and the server is running
> >ftp, pop3 and stuff.  How do I go about doing this without deleting the user
> >account?
> 
> So what will this user still be able to access?
> Denying access to a user could be achieved by changing his/her shell to
> "/sbin/nologin". I also think there is a port which also logs the
> attemps.
> 
> This approach will allow you to temporarily deny access and when you
> want to re-instate this user you can just change the shell back.
> 
> If this user is coming from a statis IP address you could use a
> firewall rule to only allow them specific access to some services.
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message