LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-12-2006, 09:20 AM   #1
scavenge
LQ Newbie
 
Registered: Jun 2006
Posts: 1

Rep: Reputation: 0
More secure: check_shell=NO or /bin/false in /etc/shells?


I have an ftp server set up at my school for the sole purpose of holding drive images to use with g4u. The only remote access allowed is thru vsftpd, by a single user whose shell is /bin/false. Since /bin/false is not recognized as a valid shell on this system, I set check_shell=NO in vsftpd.conf. Not like it's a matter of high security or anything, but I was wondering which would be more secure, or if it made a difference: having check_shell=NO in /etc/vsftpd.conf, or listing /bin/false in /etc/shells?
 
Old 07-13-2006, 05:41 PM   #2
XaViaR
Member
 
Registered: Dec 2004
Distribution: RHEL, CentOS, SuSE
Posts: 170

Rep: Reputation: 31
I would install scponly. Then point his shell to it. Scponly will use a chroot jail for people to upload and downlaod files. It is pretty nifty! You should take a look at it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
question about /bin/false usage slacknewbie2 Slackware 4 02-15-2006 11:25 AM
/bin/false vs /sbin/nologin - difference? ziggie216 Linux - General 1 12-22-2005 03:59 AM
problems with /bin/false reactnet Slackware 5 08-29-2005 11:19 PM
SSH Problem /bin/false ultrix Linux - Security 2 06-17-2005 08:31 AM
root /bin/false problem kaboom Linux - Newbie 6 10-24-2003 08:38 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:44 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration