sftp and shell access
Doug Hardie
bc979 at lafn.org
Tue Dec 14 17:03:04 PST 2004
On Dec 14, 2004, at 02:11, Josh Paetzel wrote:
> I am looking for a way to give a user an sftp account without giving
> them a shell. So far I've tried setting their shell
> to /sbin/nologin, but when they try to log in via sftp it gives them
> a "message to long" error.
>
> Any pointers would be appreciated...I've tried the FAQ, handbook and
> google so far.
sftp uses a ssh connection to tunnel to ftp. The connection is
actually made to your ssh port. There is also ftps which is ftp with
ssh imbedded in it (like https). With that the connection is actually
made to fhe ftp server port. ftps is available in the ports
(BSDftpd-ssl). Since it doesn't use ssh you can set the user to not
have login capability.
Clients for ftps or sftp are not always easy to find. The web page for
BSDftpd-ssl does list a number of compatable clients that are
available. I suspect that sometime there will be a general shift to
one of those approaches and the other will go away which would make it
easier to find clients.
More information about the freebsd-questions
mailing list