LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Restricting SSH logins. (https://www.linuxquestions.org/questions/linux-security-4/restricting-ssh-logins-321842/)

bullium 05-09-2005 10:54 PM

Restricting SSH logins.
 
I've done some googling, but I cannot find a rock solid way of doing what I want. Here's the deal: I'm running Slackware 10.0 with proftpd, which is working fine; in fact everything is running great. My problem is that proftpd runs on local user accounts, which I like, but I don't want them all to have access via SSH. So my question is, how do I allow certain users access via SSH and not others, but still allow everyone access to FTP? Thanks in advance.

michaelsanford 05-09-2005 11:32 PM

There is a standard and very secure way of doing this through shell selection.

See, every user on your system needs a shell and (AFAIK) proftpd checks /etc/shells to make sure that the user has a "valid" shell. As long as the shell the user has appears in this list proftpd will let them log in.

The trick is giving users you don't want to have terminal access a dummy shell. You can do this by adding /dev/null to the end of the /etc/shells file, and then assigning ftp-only users that shell. This way when they log in via SSH they'll be presented with nothing, but they can still log in via FTP.

The slightly cleaner way of doing this is to assign the users a shell script, like /var/nologin, which looks like the following:
Code:

#!/bin/sh
echo "If you're reading this, you ain't 1337"
exit 1

That way when they log in they're presented with a message then kicked off. This is, however, not strictly necessary.
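The shell-selection scheme above can be audited and applied with a small script. The following is an added example, not code from the thread or from proftpd/OpenSSH: it writes the dummy shell, appends it to a shells file only if it is not already listed, and classifies every account in a passwd-format file as interactive (SSH and FTP), ftp-only (dummy shell that is listed in /etc/shells), or rejected (shell not listed, so proftpd refuses the login too). The function names, the sample passwd and shells contents, and the treatment of /dev/null, /bin/false and any path ending in nologin as dummy shells are all assumptions made for this example; it works on file copies passed as arguments so it runs without root.

```shell
#!/bin/sh
# Added example (not from the thread): audit which local accounts get an
# interactive shell and which are FTP-only, using the /etc/shells rule the
# post describes. All sample data below is constructed.

# make_nologin_shell PATH: write the dummy shell script from the post to PATH.
make_nologin_shell() {
    cat > "$1" <<'EOF'
#!/bin/sh
echo "This account has no interactive shell access."
exit 1
EOF
    chmod 755 "$1"
}

# shell_listed SHELL SHELLSFILE: 0 if SHELL appears as a whole line in SHELLSFILE.
shell_listed() {
    grep -Fqx -- "$1" "$2"
}

# add_to_shells SHELL SHELLSFILE: append SHELL unless already present (idempotent).
add_to_shells() {
    shell_listed "$1" "$2" || printf '%s\n' "$1" >> "$2"
}

# is_dummy_shell SHELL: 0 for shells that never give a terminal (assumed set).
is_dummy_shell() {
    case "$1" in
        /dev/null|/bin/false|*/nologin) return 0 ;;
        *) return 1 ;;
    esac
}

# user_class PASSWD SHELLS USER: print interactive | ftp-only | rejected | unknown.
user_class() {
    passwd=$1; shells=$2; who=$3
    while IFS=: read -r user _pw _uid _gid _gecos _home shell; do
        [ "$user" = "$who" ] || continue
        if ! shell_listed "$shell" "$shells"; then
            echo rejected        # proftpd refuses: shell not in /etc/shells
        elif is_dummy_shell "$shell"; then
            echo ftp-only        # FTP works, SSH session ends immediately
        else
            echo interactive     # real shell: FTP and SSH
        fi
        return 0
    done < "$passwd"
    echo unknown
}

# classify_users PASSWD SHELLS: one "user<TAB>class" line per account.
classify_users() {
    cut -d: -f1 "$1" | while read -r u; do
        printf '%s\t%s\n' "$u" "$(user_class "$1" "$2" "$u")"
    done
}

# Demo on constructed files (never touches the real /etc).
demo_dir=$(mktemp -d)
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
    'alice:x:1000:1000::/home/alice:/bin/bash' \
    'bob:x:1001:1001::/home/bob:/var/nologin' \
    'carol:x:1002:1002::/home/carol:/dev/null' \
    'dave:x:1003:1003::/home/dave:/bin/zsh' > "$demo_dir/passwd"
printf '%s\n' /bin/sh /bin/bash /dev/null > "$demo_dir/shells"
make_nologin_shell "$demo_dir/var_nologin"
add_to_shells /var/nologin "$demo_dir/shells"   # the step the post describes
add_to_shells /var/nologin "$demo_dir/shells"   # second call is a no-op
classify_users "$demo_dir/passwd" "$demo_dir/shells"
```

On a real system the same steps are `/var/nologin` written as above, its path appended once to `/etc/shells`, and `usermod -s /var/nologin username` for each FTP-only account; the classify output is a quick way to confirm afterwards that nobody you expected to be FTP-only still has a real shell, and that nobody's shell fell out of `/etc/shells` (which would break their FTP login as well).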

bullium 05-09-2005 11:54 PM

I've found the answer :).
Edit /etc/ssh/sshd_config.
Add the following to the file, uncommented.
Code:

AllowUsers user1 user2 user3

or
Code:

AllowGroups group1 group2

Any user or group not listed will not have ssh access to the system.
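Because a typo in AllowUsers locks out everyone not listed (including yourself), it helps to check the effect of the directives before restarting sshd. The script below is an added example, not code from the thread or from OpenSSH: it reads an sshd_config file and reports whether a given user, with a given group list, would pass the DenyUsers, AllowUsers, DenyGroups and AllowGroups directives in the order sshd_config(5) documents (deny lists win, an Allow list that exists must match). The function names and the constructed sample config are assumptions; it ignores directives after a Match line and does not evaluate user@host patterns, which is a simplification of the real sshd behaviour.

```shell
#!/bin/sh
# Added example (not from the thread): predict the effect of the
# Allow/Deny user and group directives in an sshd_config on one account.

# cfg_values FILE KEYWORD: space-separated values of every global KEYWORD line.
# Comment lines start with '#', so their first field never equals the keyword;
# processing stops at the first Match block (assumption: global section only).
cfg_values() {
    awk -v k="$2" '
        tolower($1) == "match" { exit }
        tolower($1) == tolower(k) { for (i = 2; i <= NF; i++) printf "%s ", $i }
    ' "$1"
}

# matches_any NAME LIST: 0 if NAME matches any glob pattern in LIST
# (sshd patterns use * and ?, which map onto shell case patterns).
matches_any() {
    name=$1; list=$2
    for pat in $list; do
        case "$name" in $pat) return 0 ;; esac
    done
    return 1
}

# ssh_login_allowed CONFIG USER "GROUP1 GROUP2 ...": 0 if login passes the
# four directives, 1 otherwise. Order follows sshd_config(5):
# DenyUsers, AllowUsers, DenyGroups, AllowGroups.
ssh_login_allowed() {
    cfg=$1; user=$2; groups=$3
    deny_u=$(cfg_values "$cfg" DenyUsers)
    allow_u=$(cfg_values "$cfg" AllowUsers)
    deny_g=$(cfg_values "$cfg" DenyGroups)
    allow_g=$(cfg_values "$cfg" AllowGroups)
    if matches_any "$user" "$deny_u"; then return 1; fi
    if [ -n "$allow_u" ] && ! matches_any "$user" "$allow_u"; then return 1; fi
    for g in $groups; do
        if matches_any "$g" "$deny_g"; then return 1; fi
    done
    if [ -n "$allow_g" ]; then
        for g in $groups; do
            if matches_any "$g" "$allow_g"; then return 0; fi
        done
        return 1
    fi
    return 0
}

# verdict CONFIG USER GROUPS: print "allowed" or "denied" for easy reporting.
verdict() {
    if ssh_login_allowed "$1" "$2" "$3"; then echo allowed; else echo denied; fi
}

# Demo on a constructed config in a temp directory (real file: /etc/ssh/sshd_config).
demo_dir=$(mktemp -d)
cat > "$demo_dir/sshd_config" <<'EOF'
# constructed sample, not a real server's config
Port 22
PermitRootLogin no
AllowUsers alice bob eve
AllowGroups sshusers
DenyUsers eve
EOF
for spec in "alice:alice sshusers" "bob:bob ftponly" "carol:sshusers" "eve:sshusers"; do
    u=${spec%%:*}; g=${spec#*:}
    printf '%-6s -> %s\n' "$u" "$(verdict "$demo_dir/sshd_config" "$u" "$g")"
done
```

Note that with both AllowUsers and AllowGroups present a user must satisfy both, so bob above is denied despite being listed: he is in no allowed group. After editing the real file, `sshd -t` validates the syntax, and keeping an existing SSH session open until a fresh login succeeds avoids being locked out by a mistake in the list.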

michaelsanford 05-10-2005 01:15 AM

That's one way of doing it but assigning the user a null shell is always a good way to go.
