From owner-freebsd-questions  Tue Jun 29 15:39: 9 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from ucsu.Colorado.EDU (ucsu.Colorado.EDU [128.138.129.83])
	by hub.freebsd.org (Postfix) with ESMTP id 5A4F615295
	for <freebsd-questions@freebsd.org>; Tue, 29 Jun 1999 15:39:05 -0700 (PDT)
	(envelope-from doranj@ucsu.Colorado.EDU)
Received: (from doranj@localhost)
	by ucsu.Colorado.EDU (8.9.3/8.9.3/ITS-5.0/standard) id QAA05010
	for freebsd-questions@freebsd.org; Tue, 29 Jun 1999 16:39:04 -0600 (MDT)
From: Jonathon Doran <doranj@Colorado.EDU>
Message-Id: <199906292239.QAA05010@ucsu.Colorado.EDU>
Subject: Re: Boneheaded Question
To: freebsd-questions@freebsd.org
Date: Tue, 29 Jun 1999 16:39:04 -0600 (MDT)
In-Reply-To: <3.0.6.32.19990629163028.014a1c30@pop.bois.uswest.net> from "Ken" at Jun 29, 99 04:30:28 pm
X-Mailer: ELM [version 2.4 PL25]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> It's almost too embarrassing to ask, but could somebody please clue me into
> how to properly configure FTP access?  I'm not running anonymous FTP, but
> have a couple MAC heads who need to upload some stuff to a web directory,
> but don't need shell accts.

You have a couple of choices.  You could enable anonymous ftp, or you could
create accounts for the Mac users but diallow shell access.  Most sites
would prefer the latter for security reasons.

I would create their accounts, and place them in a macuser group (so they
can have group write access to parts of the web tree.  I would assign them
a shell like /sbin/ftponly (note: this doesn't exist yet).  I would then
make a link from /sbin/nologin to /sbin/ftponly.  Then add /sbin/ftponly to
/etc/shells (so ftpd will allow them to connect).

At this point, the mac users can login via ftpd, but any attempt to start
a shell will result in a message like:

	"This account is currently not available."

This sounds like what you want.

Jon Doran


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message