sftp and shell access
Louis LeBlanc
FreeBSD at keyslapper.org
Tue Dec 14 08:23:57 PST 2004
On 12/14/04 10:11 AM, Josh Paetzel sat at the `puter and typed:
> I am looking for a way to give a user an sftp account without giving
> them a shell. So far I've tried setting their shell
> to /sbin/nologin, but when they try to log in via sftp it gives them
> a "message to long" error.
>
> Any pointers would be appreciated...I've tried the FAQ, handbook and
> google so far.
Can you restrict external logins from /etc/login.access?
You can do it by username or group, ie. ftponly.
This should do it:
# Disallow logins to all in the ftponly group
-:ftponly:ALL
This should only affect shell logins, so ftp should still work.
--
Louis LeBlanc FreeBSD at keyslapper.org
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
http://www.keyslapper.org Ô¿Ô¬
Correspondence Corollary:
An experiment may be considered a success if no more than half
your data must be discarded to obtain correspondence with your theory.
More information about the freebsd-questions
mailing list