Subject: Re: ftp yes, shell no
To: Johnny Billquist <>
From: Steven M. Bellovin <>
List: netbsd-users
Date: 07/29/2004 10:02:17
In message <Pine.LNX.4.58.0407291526510.24911@Tempo.Update.UU.SE>, Johnny Billq
uist writes:
>On Thu, 29 Jul 2004, Zafer Aydogan wrote:
>> Hello everyone on the whole wide world,
>> My Aim is to enable ftp access, but deny shell access.
>> If I set the shell to /sbin/nologin the ftp login is also denied with the
>> words "the user may not use ftp".
>> How shall I manage this ?
>Add the /sbin/nologin to /etc/shells.

That would let all users with that as their shell use ftp.  Instead, 
create a link /sbin/nologin-with-ftp to /sbin/nologin, and add
the new name to /etc/shells.

		--Steve Bellovin,