From owner-freebsd-questions Sat May 25 13:59:15 2002 Delivered-To: freebsd-questions@freebsd.org Received: from dns.perimeter.co.za (dns.perimeter.co.za [196.25.164.254]) by hub.freebsd.org (Postfix) with ESMTP id 472BC37B409 for ; Sat, 25 May 2002 13:59:09 -0700 (PDT) Received: from there (vic-dial-196-30-232-232.mweb.co.za [196.30.232.232]) by dns.perimeter.co.za (8.11.1/8.11.1) with SMTP id g4PKwS166809; Sat, 25 May 2002 22:58:29 +0200 (SAST) (envelope-from bsd@perimeter.co.za) Content-Type: text/plain; charset="iso-8859-1" From: "Patrick O'Reilly" Organization: Perimeter Networks CC Message-Id: <200205252251.51986@.perimeter.co.za> To: Paul Everlund Subject: Re: FTP server, telnetd and shells (fixed) Date: Sat, 25 May 2002 22:59:28 +0200 X-Mailer: KMail [version 1.3.2] References: <3CEF8A4A.70062684@cs.umu.se> <3CEF901D.3B7570A@cs.umu.se> In-Reply-To: <3CEF901D.3B7570A@cs.umu.se> Cc: freebsd-questions@FreeBSD.ORG MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat 25 May 02 15:22, you wrote: > Paul Everlund wrote: > > Hey stoopid! Tell your one braincell to put /sbin/nologin > into /etc/shells, then do vipw and change the shell entry > in the password file to /sbin/nologin. Now it should work! > > ---- > > And it did! Thanks Paul for your great tip! :-) > You know - they say that people who talk to themselves are..., well... "stoopid" ;) Anyway, this is not what you asked, but something I do religiously when I build FTP servers, and particularly for ftp accounts that do NOT have shell access, is to use the /etc/ftpchroot file. It's a simple but handy way to keep your FTP users within their little boxes. If you have not read up on it - do so! # man ftpd (search for ftpchroot by typing: /chroot ) My method is to create a group called ftp (in /etc/groups), and then use that is the group when adding ftp user accounts. Finalyy, edit /etc/ftpchroot, and insert this line: @ftp Have fun. -- Regards, Patrick O'Reilly.     ___        _            __    / _ )__ __ (_)_ __ ___ _/ /____ __   / __/ -_) _) /  ~  ) -_), ,-/ -_) _)  /_/  \__/_//_/_/~/_/\__/ \__/\__/_/     http://www.perimeter.co.za To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message