how to deny user from accessing FTP service,restrict using /etc/hosts.deny in REDHAT6....

You can use /etc/vsftpd/ftpusers file, no need to use TCP Wrappers for this.

See this thread.

The OP specifically asked about using TCP wrappers..wouldn't it be best to address the need? And the thread you directed to is ten years old...quite a bit has changed.

OP, RedHat's knowledgebase has articles on this. Read the man pages for hosts_access, too:
http://docs.redhat.com/docs/en-US/Re...rs-access.html

You don't say what FTP server you're using, but wu_ftpd, pureftp, and vsftpd all have ways of doing this as well.

"user" and hosts.deny is not typical, not like peanut butter & jelly.

i am not a big user of hosts.deny/allow,

typically hosts.deny/allow use hostnames or IP. however, maybe a way to mix "user" in with hosts.deny/allow is to use hosts.allow with something like "in.ftpd ALL:" and spawn a script that reads a file "not-allowed-ftp-users" and then finds a ftpd PID that matches username from file list and then kill the PID.

sounds like it can work, just not sure if this is what you are needing, meaning there are other better ways to handle such, but you asked about hosts.deny, etc.

Redhat 6 is more than 10 years old (though I concede that he may have meant RHEL 6 rather than Redhat 6) and TCP wrappers isn't the correct way block specific users from FTP (in many cases, it's not even possible). If you want to block specific users then you need to blacklist them in the FTP server settings (as the guy you quoted correctly advised)

if it is RH6 then it should not be still connected to the net
IF it is RHEL6.2 then i would NOT use the host file

add a FTP user group and set a SElinux rule to only allow THAT group

1 members found this post helpful.

Indeed, but you'd be amazed at some of the old systems that are still in use (in my last job, there was a Win95 desktop still being used as a web terminal for secure payments - in fact it's probably still in use :-/ )