#1
Using FreeBSD 3.4
I can define a user's FTP root to their directory using /etc/ftpchroot. But I can't do the same with telnet, and I can't deny telnet without taking away FTP... Telnet isn't a necessary feature for these users, so how do I deny telnet and not FTP? Or, barring that, how do I limit their telnet access to the user root? (Long shot, I know.)
#2
>>how do I limit their telnet access to the user root?
Can't unless you write your own shell.

>>But I can't do the same with telnet and I can't deny telnet without taking away FTP

1) cat /etc/shells

    #############################################
    # $FreeBSD: src/etc/shells,v 1.3.2.1 2000/07/10 08:47:17 obrien Exp $
    #
    # List of acceptable shells for chpass(1).
    # Ftpd will not allow users to connect who are not using
    # one of these shells.
    /bin/sh
    /bin/csh
    /bin/tcsh
    #############################################

So that means, as long as a user has a shell from the choices above, he can log in via both FTP and Telnet.

2) Next, su to a non-system user or create a new user just for testing purposes, and assign a /sbin/nologin shell to that user. Or use "vipw" to change the user's shell.

3) Telnet in and FTP in as that user. For Telnet, you would get "This account is not available" or something; for FTP, the user simply gets login failed. That is because you need one more step, as follows.

4) vi /etc/shells and add /sbin/nologin to the list, so you should get:

    /bin/sh
    /bin/csh
    /bin/tcsh
    /sbin/nologin

As the cat /etc/shells from (1) mentions, "Ftpd will not allow users to connect who are not using one of these shells". Ftpd doesn't care whether it's a nologin shell or whatever; as long as the shell is listed here and the user's shell is one of these, the user is allowed to log in via FTP, but not ssh/telnet.
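
The /etc/shells rule from reply #2, as an added example that is not part of the original thread: a POSIX sh function that reads passwd, shells and ftpchroot style files and reports which accounts ftpd would accept and which of those have a nologin shell. The function names, class labels and sample accounts are constructed for illustration, and the check assumes 7-field passwd lines and plain user names in the ftpchroot file.

```shell
#!/bin/sh
# Added example (not from the thread). Prints one line per account:
#   user shell class chroot
# class: no-ftp    = shell not in the shells file, so ftpd refuses the login
#        ftp-only  = shell listed, but it is nologin (assumed to refuse telnet)
#        ftp+login = shell listed and interactive
audit_ftp_only() {   # args: PASSWD SHELLS FTPCHROOT
    awk -F: -v shells="$2" -v chroot="$3" '
    function load(file, set,   line) {
        while ((getline line < file) > 0) {
            sub(/#.*/, "", line); gsub(/[ \t]/, "", line)
            if (line != "") set[line] = 1
        }
        close(file)
    }
    BEGIN { load(shells, ok); load(chroot, jailed) }
    /^#/ || NF < 7 { next }
    {
        sh = ($7 == "") ? "/bin/sh" : $7   # empty shell field means /bin/sh
        if (!(sh in ok))             class = "no-ftp"
        else if (sh ~ /\/nologin$/)  class = "ftp-only"
        else                         class = "ftp+login"
        print $1, sh, class, (($1 in jailed) ? "chroot" : "no-chroot")
    }' "$1"
}

# Constructed sample data: steps 3 and 4 of the reply, i.e. the same accounts
# before and after /sbin/nologin is added to the shells file.
demo_audit() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'alice:*:1001:1001:Alice:/home/alice:/bin/tcsh' \
                  'ftpbob:*:1002:1002:Bob:/home/ftpbob:/sbin/nologin' > "$d/passwd"
    printf '%s\n' '# acceptable shells' /bin/sh /bin/csh /bin/tcsh > "$d/shells"
    printf '%s\n' ftpbob > "$d/ftpchroot"
    echo "before:"; audit_ftp_only "$d/passwd" "$d/shells" "$d/ftpchroot"
    echo /sbin/nologin >> "$d/shells"
    echo "after:";  audit_ftp_only "$d/passwd" "$d/shells" "$d/ftpchroot"
    rm -rf "$d"
}

demo_audit
```

Run against the real /etc/passwd, /etc/shells and /etc/ftpchroot, any ftp+login line for an account meant to be FTP-only is one that still has a telnet-capable shell.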
#3
Fantastic! I knew YOU would have an answer!
Works like a charm.
#4
Ooops! Spoke too soon. Logging in as one of the users so defined, the directory appears empty...
#5
I am trying to set up an FTP-only account on a Linux RH6.1 box and have the user's login directory be their root, so that they cannot explore and view other directories/files on the machine. Does anyone know how I do this?
#6
You could add a "#" in front of the "telnet" line in /etc/inetd.conf and do a killall -HUP inetd to restart the inet daemon. This stops the telnet daemon from starting at boot time.
Viewing: Dev Shed Forums > System Administration > FTP Help > FreeBSD - FTP login w/o telnet