Subject: Re: ftp yes, shell no
To: Johnny Billquist <email@example.com>
From: Steven M. Bellovin <firstname.lastname@example.org>
Date: 07/29/2004 10:02:17
In message <Pine.LNX.4.58.0407291526510.24911@Tempo.Update.UU.SE>, Johnny Billq
>On Thu, 29 Jul 2004, Zafer Aydogan wrote:
>> Hello everyone on the whole wide world,
>> My Aim is to enable ftp access, but deny shell access.
>> If I set the shell to /sbin/nologin the ftp login is also denied with the
>> words "the user may not use ftp".
>> How shall I manage this ?
>Add the /sbin/nologin to /etc/shells.
That would let all users with that as their shell use ftp. Instead,
create a link /sbin/nologin-with-ftp to /sbin/nologin, and add
the new name to /etc/shells.
--Steve Bellovin, http://www.research.att.com/~smb