sFTP nologin
Peter Risdon
peter at circlesquared.com
Fri Mar 25 08:09:38 PST 2005
On Fri, 2005-03-25 at 10:59 -0500, Eric McCoy wrote:
> Grant Peel wrote:
> > Is there a quick - secure way to allow the sshd sFTP subsystem to allows
> > sftp connections without allowing shell accounts?
>
> Create the account and set its shell to /sbin/nologin. You can safely
> add that to /etc/shells: it does its name and just prints a terse
> message before booting the user if he tries to connect via vanilla SSH.
Hmmm... I tried that myself before and it didn't work. I get:
Received message too long 1416128883
from sftp if I try to log in to an account with /sbin/nologin as the
shell. That's why I suggested rssh to the OP.
Peter.
More information about the freebsd-questions
mailing list