From owner-freebsd-questions@FreeBSD.ORG Sat Jun 28 04:34:59 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F1A3D37B401 for ; Sat, 28 Jun 2003 04:34:58 -0700 (PDT) Received: from mta5.adelphia.net (mta5.adelphia.net [64.8.50.187]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3C60044022 for ; Sat, 28 Jun 2003 04:34:58 -0700 (PDT) (envelope-from Barbish3@adelphia.net) Received: from barbish ([68.169.105.49]) by mta5.adelphia.net (InterMail vM.5.01.05.32 201-253-122-126-132-20030307) with SMTP id <20030628113457.OSAX18406.mta5.adelphia.net@barbish> for ; Sat, 28 Jun 2003 07:34:57 -0400 From: "FBSD_User" To: Date: Sat, 28 Jun 2003 07:34:57 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 In-Reply-To: <3EF71C46.1060605@sundland.com> Subject: RE: creating ftp users! X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Jun 2003 11:34:59 -0000 Rob, If you want a nice message, I suggest creating a class in /etc/logins.conf which point to a /etc/issues.sftponly file where the user gets a nice message, which you deem appropriate. Secondly, as far as chroot, I don't believe OpenSSH supports chroot natively, however I know there is a patch floating around (I believe in the contrib/ directory of the openssh portable tarball) which will patch openssh to support chroot'd environments. You will need to recompile the openssh portable distribution, however. Rob Lahaye wrote: > Raymond Sundland wrote: > >>Rob, >> >>You can try setting the user's shell to /usr/libexec/sftp-server (or >>wherever the sftp-server binary exists under FreeBSD). >> >>This will give the user ability to SFTP into the box, but without a >>normal shell. /usr/lib/exec/sftp-server should be added to /etc/shells, >>too. > > > Almost works ;). > Doing what you suggest, I can sftp to the account, but when I do ssh to > that account, I get the regular login message but no prompt. Something > seems to hang. When I type something and hit return, I get: > > > bad message > Connection to foo.bar.com closed. > $ > > It somehow blocks ssh login indeed, but it's not very nice! > > > BTW will sftp also work with the /etc/chroot file? > > Thanks, > Rob. > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"