From owner-freebsd-questions Tue Jun 29 15:39: 9 1999 Delivered-To: freebsd-questions@freebsd.org Received: from ucsu.Colorado.EDU (ucsu.Colorado.EDU [128.138.129.83]) by hub.freebsd.org (Postfix) with ESMTP id 5A4F615295 for ; Tue, 29 Jun 1999 15:39:05 -0700 (PDT) (envelope-from doranj@ucsu.Colorado.EDU) Received: (from doranj@localhost) by ucsu.Colorado.EDU (8.9.3/8.9.3/ITS-5.0/standard) id QAA05010 for freebsd-questions@freebsd.org; Tue, 29 Jun 1999 16:39:04 -0600 (MDT) From: Jonathon Doran Message-Id: <199906292239.QAA05010@ucsu.Colorado.EDU> Subject: Re: Boneheaded Question To: freebsd-questions@freebsd.org Date: Tue, 29 Jun 1999 16:39:04 -0600 (MDT) In-Reply-To: <3.0.6.32.19990629163028.014a1c30@pop.bois.uswest.net> from "Ken" at Jun 29, 99 04:30:28 pm X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > It's almost too embarrassing to ask, but could somebody please clue me into > how to properly configure FTP access? I'm not running anonymous FTP, but > have a couple MAC heads who need to upload some stuff to a web directory, > but don't need shell accts. You have a couple of choices. You could enable anonymous ftp, or you could create accounts for the Mac users but diallow shell access. Most sites would prefer the latter for security reasons. I would create their accounts, and place them in a macuser group (so they can have group write access to parts of the web tree. I would assign them a shell like /sbin/ftponly (note: this doesn't exist yet). I would then make a link from /sbin/nologin to /sbin/ftponly. Then add /sbin/ftponly to /etc/shells (so ftpd will allow them to connect). At this point, the mac users can login via ftpd, but any attempt to start a shell will result in a message like: "This account is currently not available." This sounds like what you want. Jon Doran To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message