From owner-freebsd-questions Thu Feb 3 17: 5:39 2000 Delivered-To: freebsd-questions@freebsd.org Received: from akira.lanfear.com (akira.lanfear.com [208.12.10.34]) by builder.freebsd.org (Postfix) with ESMTP id AAC713D60 for ; Thu, 3 Feb 2000 17:05:36 -0800 (PST) Received: from shuriken (shuriken.lanfear.com [10.0.0.3]) by akira.lanfear.com (8.9.3/8.9.3) with SMTP id RAA08199; Thu, 3 Feb 2000 17:05:46 -0800 (PST) (envelope-from marcw@lanfear.com) From: "Marc Wandschneider" To: "Matt Gostick" Cc: Subject: RE: allow only ftp for some accounts Date: Thu, 3 Feb 2000 17:06:22 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG this is because /etc/nologin is not in /etc/shells. If a shell is not listed there, ftpd won't let a user log in. I just added it to the valid list of shells. doesn't seem like a security risk doing so. marc. > -----Original Message----- > From: Matt Gostick [mailto:matt@crazylogic.net] > Sent: Thursday, February 03, 2000 4:50 PM > To: Marc Wandschneider > Cc: questions@FreeBSD.ORG > Subject: RE: allow only ftp for some accounts > > > > On Thu, 3 Feb 2000, Marc Wandschneider wrote: > > > > just put /bin/nologin as their shell. give them an account > with passwords > > and their ftp directory as their login dir. you should also put them in > > /etc/ftpchroot to make sure they can't meander around the system. > > > Hmm.... I did try that one. When I put the shell as no login I get an > access denied when trying to ftp as well as telnet. > > Any other suggestions? > > -- > Matt Gostick > http://www.crazylogic.net/~matt > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message