SUMMARY: Limiting account access to ftp

From: Tom Erickson (Thomas.M.Erickson.1@gsfc.nasa.gov)
Date: Wed Jun 16 1999 - 11:06:01 CDT


An overwhelming majority of responses came from the dc-sage
mailing list and instructed to make the account default shell
/bin/false and place the entry /bin/false in the /etc/shells file.
This worked great and is exactly what I was looking for. Of
course you can make the default shell anything so long as it's
bogus (i.e., /bin/true) and you placed the corresponding entry
in the /etc/shells file.

Other suggestions included:

wu-ftpd - ftp://ftp.wu-ftpd.org/pub/wu-ftpd/

Check out /usr/lib/rsh (the restricted shell, not the remote
shell command). The man page for it is in the 1M section of
the manual. I think you can configure this to do what you
want.

Use tcp-wrappers < We have those installed but I haven't been able
                                      to make them restrict access on an account
                                      basis - I'm going to review the compile switches >

Install ProFTPd. www.proftpd.org

Thanks everybody - Tom

Intellisource Information Systems, Inc.
NASA GSFC - Consolidated Space Operations Contract
IPP Systems Administration
Thomas.M.Erickson.1@gsfc.nasa.gov / (301) 286-1439



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:13:21 CDT