Visit the LQ Articles and Editorials section
Go Back > Forums > Linux Forums > Linux - General
User Name
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.


  Search this Thread
Old 10-10-2003, 08:30 AM   #1
Registered: Sep 2003
Distribution: Debian
Posts: 69

Rep: Reputation: 15
ftp login -- ssh no login

I have created a jailed ftp user account with proftp. This is basically a user who has restrictions on his/her ftp folder. I would like it if they could not login with ssh. I added /sbin/nologin in the passwd file of the user I wanted to stop from using ssh, but as you probably already know, when I do this they cannot ftp in. Is there a way to let a user login with ftp, but not ssh?

Last edited by waffe; 10-10-2003 at 08:36 AM.
Old 10-10-2003, 08:59 AM   #2
Registered: Sep 2003
Distribution: Debian
Posts: 69

Original Poster
Rep: Reputation: 15
Well that was easy enough!

Look in /etc/ssh/ there is a file called sshd_config.
By default login is allowed regardless of the group and user name.

Input a new line as the following:
AllowUsers user1 user2 user3
user1-3 should of course exist in /etc/passwd
After "/etc/init.d/ssh restart" only user1-3 are
allowed to access your machine with ssh.
Old 10-10-2003, 10:03 AM   #3
LQ Guru
Registered: Jan 2001
Posts: 24,147

Rep: Reputation: 229Reputation: 229Reputation: 229
You can also make it even more secure by giving the ftp users an invalid shell.

First edit your /etc/shells file and add something like:


To the list of shells in the file.

Then edit the user in /etc/passwd by editing their default shell to be /bin/false.

If they try to login as themselves thru ssh, telnet or even locally at the machine, it will deny them access as they wouldn't even have a valid shell to run commands, etc.
Old 10-10-2003, 10:05 AM   #4
Registered: Sep 2003
Distribution: Debian
Posts: 69

Original Poster
Rep: Reputation: 15
Sweetness! Will DO -'|'-
Old 12-27-2003, 12:42 AM   #5
Senior Member
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Rep: Reputation: 52
Hey trickykid,

I just tried that method but I don't see the point in it. You cannot login via ssh (good thing) but you can't even use that account (for ftp or anything else). You might as well have not added that user. Even when i tried using their login just for FTP purposes, it won't even allow me.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh login only with ip CloudBuilder Linux - Networking 3 07-31-2005 11:20 AM
about ssh login... jsnch Linux - Networking 1 07-05-2005 11:39 PM
FTP Server Up and running... how do I hide ftp users from local login screen? joe1031 Mandriva 2 03-18-2005 04:24 PM
SSH Login | Need help !! xedios Linux - Software 0 12-21-2004 12:16 PM
Only Root Login via ssh / ftp Lanmate Linux - General 2 12-22-2003 11:11 PM

All times are GMT -5. The time now is 04:29 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration