From owner-freebsd-questions@FreeBSD.ORG Mon Jun 23 07:03:51 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B3BF337B401 for ; Mon, 23 Jun 2003 07:03:51 -0700 (PDT) Received: from ensim1.kuruption.net (kuruption.net [64.246.28.125]) by mx1.FreeBSD.org (Postfix) with ESMTP id C582943FDD for ; Mon, 23 Jun 2003 07:03:50 -0700 (PDT) (envelope-from raymond@sundland.com) Received: from kuruption.net (pcp03026213pcs.plnfld01.nj.comcast.net [68.85.62.182]) by ensim1.kuruption.net (8.11.6/8.11.6) with ESMTP id h5NE3oR32621; Mon, 23 Jun 2003 10:03:50 -0400 Received: by kuruption.net (Postfix, from userid 50) id 77F6F8D9CC; Mon, 23 Jun 2003 10:03:44 -0400 (EDT) Received: from sundland.com (ensim1.kuruption.net [64.246.28.125]) by kuruption.net (Postfix) with ESMTP id 7C3F08D9C8; Mon, 23 Jun 2003 10:03:42 -0400 (EDT) Message-ID: <3EF707EB.1060406@sundland.com> Date: Mon, 23 Jun 2003 10:00:11 -0400 From: Raymond Sundland User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.3.1) Gecko/20030425 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Rob Lahaye References: <20030613125624.87202.qmail@web13407.mail.yahoo.com> <3EF7072C.7020908@users.sourceforge.net> In-Reply-To: <3EF7072C.7020908@users.sourceforge.net> X-Enigmail-Version: 0.73.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, hits=-1.4 required=5.0 tests=IN_REP_TO,REFERENCES,SPAM_PHRASE_00_01,TO_BE_REMOVED_REPLY, USER_AGENT,USER_AGENT_MOZILLA_UA,X_ACCEPT_LANG version=2.44 X-Spam-Level: cc: freebsd-questions@freebsd.org Subject: Re: creating ftp users! X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Jun 2003 14:03:52 -0000 Rob, You can try setting the user's shell to /usr/libexec/sftp-server (or wherever the sftp-server binary exists under FreeBSD). This will give the user ability to SFTP into the box, but without a normal shell. /usr/lib/exec/sftp-server should be added to /etc/shells, too. Rob Lahaye wrote: > > I have not inetd running, but instead only allow secure > connections with ssh and sftp. > However, the hints given here seem to only apply to ftpd > server and not the sftp connection. /sbin/nologin disables > both, ssh and sftp. > > Is there a way to disable ssh, but allow sftp access only? > Can I do the /etc/ftpchroot for sftp as well? > > Thanks, > Rob. > > Jonathan Arnold wrote: > >>>How to create users for Ftp server(inetd)? >> >>You just use the 'adduser' command normally, to add a "normal" >>user. If they are just going to be doing ftp, you can use the >>/sbin/nologin for their shell, so they can't login. > > > Doron Shmaryahu wrote: > >>I would also suggest limiting ftp users to their respective home dir. You >>can do this simply by creating a file /etc/ftpchroot and putting all the >>usernames in there. > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"