LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-04-2009, 12:03 PM   #1
the182guy
Member
 
Registered: Jan 2009
Posts: 40

Rep: Reputation: 15
User requires SSH access to connect to FTP, why?


Hi all,

I have a CentOS dedicated server running ProFTP. I have created user accounts which are meant for FTP access only but the users cannot connect to the FTP unless their shell access is /bin/bash

Here is an example line that is outputted when I use this command:

cat /etc/passwd

johnsmith:x:502:501::/var/www/vhosts/johnsmith.com:/bin/bash

This user can access the FTP fine, but he can also access SSH which I don't want to allow him to do. If I set his shell access to /bin/false then he can't connect to the FTP.

What can I use in instead of /bin/bash to allow FTP but don't allow SSH?
 
Old 10-04-2009, 12:34 PM   #2
MS3FGX
LQ Guru
 
Registered: Jan 2004
Location: NJ, USA
Distribution: Slackware, Debian
Posts: 5,852

Rep: Reputation: 361Reputation: 361Reputation: 361Reputation: 361
Not sure why that would be, FTP users shouldn't need a valid shell. What error message do you get on the client, and what do the server logs say when the person tries to login?

Alternately, you could just block the FTP users from SSH in the sshd configuration file with "DenyUsers", or better yet, just whitelist the people you actually need to have remote shell access and block everyone else by default with "AllowUsers".
 
Old 10-04-2009, 01:33 PM   #3
DrLove73
Senior Member
 
Registered: Sep 2009
Location: Srbobran, Serbia
Distribution: CentOS 5.5 i386 & x86_64
Posts: 1,118
Blog Entries: 1

Rep: Reputation: 129Reputation: 129
From http://raetsel.wordpress.com/2007/03...ls-and-nobody/ :
Quote:
However /usr/bin/false needs to be added to /etc/shells to make it a valid login shell. Without this when you try to ftp as a user that has a shell of /usr/bin/false you’ll get a “530 Login incorrect. Login failed.” regardless of whether you get the password right or not.
, and take a look at this: http://www.cyberciti.biz/tips/linux-...tp-server.html

Using google is SOOOOOO easy. I found this withing 3 minutes, within first 5 offered links with search "proftpd /bin/false".
 
Old 10-04-2009, 02:37 PM   #4
the182guy
Member
 
Registered: Jan 2009
Posts: 40

Original Poster
Rep: Reputation: 15
Thanks all, that helps a lot.

I have added /bin/false to /etc/shells and the problem is solved, the user has no access via SSH but retains normal access via FTP. Thanks again.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
User requires SSH access to connect to FTP, why? the182guy Linux - Newbie 1 10-04-2009 03:56 PM
my FC9 requires User&Pass to access share!!!!! m.alshafay Linux - Newbie 1 09-25-2008 02:15 PM
enable a command that requires root access for a normal user marsguy Linux - General 2 10-08-2006 09:43 AM
only FTP access to user not ssh or telnet farhank Linux - Security 3 10-27-2005 09:30 AM
Denying access to SSH but allow access to FTP nemesisza Linux - Security 5 03-14-2004 10:25 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 09:10 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration