Hi, On 06-Nov-01 Thorsten Marquardt wrote:
Hi List,
I like to offer some customers a kind off sftp account but to deny any login to this accounts. So I thought about having /bin/false as shell in /etc/passwd but this prevents sftp to. What can I do?
www.ssh.com offer a shell called ssh-dummy-shell, which provides any hooks for secure file transfer via sftp, but denies access to a real shell. Just replace the std shell entry in your /etc/passwd with it. Other shells (e. g. /bin/false) won't work because sftp actually uses a normal ssh tunnel to transmit data, so it needs a more special treatment like std ftp. This ssh-dummy-shell is part of the SSH server package, and also of the Windows Client-Pack (which also includes all server components). However, the Win-Client-Pack isn't free.
Thanks in advance
Thom
Boris Lorenz