Date: Sat, 25 May 2002 23:36:11 +0200 From: Paul Everlund <tdv94ped@cs.umu.se> To: Patrick O'Reilly <bsd@perimeter.co.za> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: FTP server, telnetd and shells (fixed) Message-ID: <3CF003CB.2BF0E249@cs.umu.se> References: <3CEF8A4A.70062684@cs.umu.se> <3CEF901D.3B7570A@cs.umu.se> <200205252251.51986@.perimeter.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
Patrick O'Reilly wrote: > > On Sat 25 May 02 15:22, you wrote: > > Paul Everlund wrote: > > > > Hey stoopid! Tell your one braincell to put /sbin/nologin > > into /etc/shells, then do vipw and change the shell entry > > in the password file to /sbin/nologin. Now it should work! > > > > ---- > > > > And it did! Thanks Paul for your great tip! :-) > > > > You know - they say that people who talk to themselves are..., > well... "stoopid" ;) :-) > Anyway, this is not what you asked, but something I do reli- > giously when I build FTP servers, and particularly for ftp > accounts that do NOT have shell access, is to use the /etc/ > ftpchroot file. It's a simple but> handy way to keep your > FTP users within their little oxes. If you have not read up > on it - do so! > > # man ftpd > (search for ftpchroot by typing: /chroot ) > > My method is to create a group called ftp (in /etc/groups), > and then use that is the group when adding ftp user accounts. > Finalyy, edit /etc/ftpchroot, and insert this line: > > @ftp > > Have fun. > > -- > Regards, > Patrick O'Reilly. I'm using proftpd, which has a config file much like Apache's, and chroot is done a bit different, but with the same result, and I'm using it. Also the ftp users have their own group. So I have, without knowing it, followed your tips. :-) Thanks a lot anyway for sharing your knowledge! Not easy for you to know what I do know and don't, so I appreciate taking your time. Best regards, Paul To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CF003CB.2BF0E249>