From owner-freebsd-questions@FreeBSD.ORG  Thu Feb 10 19:55:34 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id AA16E16A4CE
	for <freebsd-questions@freebsd.org>;
	Thu, 10 Feb 2005 19:55:34 +0000 (GMT)
Received: from xmail.cityofpaloalto.org (cerberus.city.palo-alto.ca.us
	[199.33.32.254])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6C22543D31
	for <freebsd-questions@freebsd.org>;
	Thu, 10 Feb 2005 19:55:34 +0000 (GMT)
	(envelope-from Viraj.Dixit@CityofPaloAlto.org)
Received: from cc-mail.cityofpaloalto.org ([172.17.1.1]) by
	xmail.cityofpaloalto.org with Microsoft SMTPSVC(6.0.3790.211);
	Thu, 10 Feb 2005 11:55:34 -0800
X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 10 Feb 2005 11:55:32 -0800
Message-ID: <ED759F1DC5ADD74592DD063B1EDEDAF803ACD2BF@cc-mail.staff.copa>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Telnet and FTP issues on 5.3
thread-index: AcUPoEqV0OCtYEY2TpmzJXTjZ0NUMAAChd3g
From: "Dixit, Viraj" <Viraj.Dixit@CityofPaloAlto.org>
To: "Dan Nelson" <dnelson@allantgroup.com>
X-OriginalArrivalTime: 10 Feb 2005 19:55:34.0385 (UTC)
	FILETIME=[7BAEFE10:01C50FAA]
cc: freebsd-questions@freebsd.org
Subject: RE: Telnet and FTP issues on 5.3
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Feb 2005 19:55:34 -0000

Thanks so much Dan, this works great. I appreciate your help.=20
VJ

 -----Original Message-----
From: 	Dan Nelson [mailto:dnelson@allantgroup.com]=20
Sent:	Thursday, February 10, 2005 10:42 AM
To:	Dixit, Viraj
Cc:	freebsd-questions@freebsd.org
Subject:	Re: Telnet and FTP issues on 5.3

In the last episode (Feb 10), Dixit, Viraj said:
> I have been searching for few days everywhere an answer to this
> question. Is there a way to stop telnet access for a group let's say
> ftponly but allow them to have FTP access in FreeBSD 5.3. I know this
> works in my old system BSD OS 4.3. The commands are like this in
> login.conf file in BSD OS 4.3.
>=20
> #restrict telnet for ftponly group only
> ftponly:\
>    :auth-network=3Dreject:\
>    :auth-ftp=3Dpasswd:

One way to do this is to set the user's shell to /usr/sbin/nologin and
add /usr/sbin/nologin to the /etc/shells file.  They won't be able to
telnet or ssh in, but they will be able to ftp.

--=20
	Dan Nelson
	dnelson@allantgroup.com