Date: Fri, 25 Mar 2005 16:09:24 +0000 From: Peter Risdon <peter@circlesquared.com> To: Eric McCoy <emccoy@haystacks.org> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: sFTP nologin Message-ID: <1111766964.756.343.camel@lorna.circlesquared.com> In-Reply-To: <4244354E.10401@haystacks.org> References: <002c01c53145$b9c64390$6401a8c0@GRANT> <4244354E.10401@haystacks.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 2005-03-25 at 10:59 -0500, Eric McCoy wrote: > Grant Peel wrote: > > Is there a quick - secure way to allow the sshd sFTP subsystem to allows > > sftp connections without allowing shell accounts? > > Create the account and set its shell to /sbin/nologin. You can safely > add that to /etc/shells: it does its name and just prints a terse > message before booting the user if he tries to connect via vanilla SSH. Hmmm... I tried that myself before and it didn't work. I get: Received message too long 1416128883 from sftp if I try to log in to an account with /sbin/nologin as the shell. That's why I suggested rssh to the OP. Peter.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1111766964.756.343.camel>