From owner-freebsd-questions Mon Oct 11 4:30:37 1999 Delivered-To: freebsd-questions@freebsd.org Received: from axl.noc.iafrica.com (axl.noc.iafrica.com [196.31.1.175]) by hub.freebsd.org (Postfix) with ESMTP id EE24C14D8B for ; Mon, 11 Oct 1999 04:30:28 -0700 (PDT) (envelope-from sheldonh@axl.noc.iafrica.com) Received: from sheldonh (helo=axl.noc.iafrica.com) by axl.noc.iafrica.com with local-esmtp (Exim 3.037 #1) id 11adeq-000MZX-00; Mon, 11 Oct 1999 13:30:24 +0200 From: Sheldon Hearn To: Donald Cc: freebsd-questions Subject: Re: telnet In-reply-to: Your message of "Sun, 10 Oct 1999 18:17:19 MST." <38013A9F.E66BCCFC@eoe-magical.org> Date: Mon, 11 Oct 1999 13:30:24 +0200 Message-ID: <86770.939641424@axl.noc.iafrica.com> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 10 Oct 1999 18:17:19 MST, Donald wrote: > I want to block telnet access but not ftp access, how do I change the > login shell or what do I need to do to get this to work. This advice assumes that you mean that you want to block and allow access _per_ _user_. If that's not what you meant, see Marc Schneiders' reply. For login access via telnet, a user needs a valid shell listed in /etc/shells . Ftpd also requires that a user's shell be a valid shell in /etc/shells . So what do you do? :-) The easiest thing to do is add to the /etc/ftpusers the usernames from whom you want to revoke ftp access. This may not be scalable, depending on your requirements. You may want to add the restricted users to a new group (say noftp) and add the entire group to the /etc/ftpusers file as follows: @noftp Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message