LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 10-10-2003, 08:30 AM   #1
waffe
Member
 
Registered: Sep 2003
Distribution: Debian
Posts: 69

Rep: Reputation: 15
ftp login -- ssh no login


I have created a jailed ftp user account with proftp. This is basically a user who has restrictions on his/her ftp folder. I would like it if they could not login with ssh. I added /sbin/nologin in the passwd file of the user I wanted to stop from using ssh, but as you probably already know, when I do this they cannot ftp in. Is there a way to let a user login with ftp, but not ssh?

Last edited by waffe; 10-10-2003 at 08:36 AM.
 
Old 10-10-2003, 08:59 AM   #2
waffe
Member
 
Registered: Sep 2003
Distribution: Debian
Posts: 69

Original Poster
Rep: Reputation: 15
Well that was easy enough!

Look in /etc/ssh/ there is a file called sshd_config.
By default login is allowed regardless of the group and user name.

Input a new line as the following:
AllowUsers user1 user2 user3
user1-3 should of course exist in /etc/passwd
After "/etc/init.d/ssh restart" only user1-3 are
allowed to access your machine with ssh.
 
Old 10-10-2003, 10:03 AM   #3
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 197Reputation: 197
You can also make it even more secure by giving the ftp users an invalid shell.

First edit your /etc/shells file and add something like:

/bin/false

To the list of shells in the file.

Then edit the user in /etc/passwd by editing their default shell to be /bin/false.

If they try to login as themselves thru ssh, telnet or even locally at the machine, it will deny them access as they wouldn't even have a valid shell to run commands, etc.
 
Old 10-10-2003, 10:05 AM   #4
waffe
Member
 
Registered: Sep 2003
Distribution: Debian
Posts: 69

Original Poster
Rep: Reputation: 15
Sweetness! Will DO -'|'-
 
Old 12-27-2003, 12:42 AM   #5
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,438

Rep: Reputation: 52
Hey trickykid,

I just tried that method but I don't see the point in it. You cannot login via ssh (good thing) but you can't even use that account (for ftp or anything else). You might as well have not added that user. Even when i tried using their login just for FTP purposes, it won't even allow me.

-twantrd
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh login only with ip CloudBuilder Linux - Networking 3 07-31-2005 11:20 AM
about ssh login... jsnch Linux - Networking 1 07-05-2005 11:39 PM
FTP Server Up and running... how do I hide ftp users from local login screen? joe1031 Mandriva 2 03-18-2005 04:24 PM
SSH Login | Need help !! xedios Linux - Software 0 12-21-2004 12:16 PM
Only Root Login via ssh / ftp Lanmate Linux - General 2 12-22-2003 11:11 PM


All times are GMT -5. The time now is 07:22 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration