Hallo Steffen, Am 30.01.03 schriebst Du:
- Thorsten Marquardt wrote on Thu, Jan 30, 2003 at 14:45 +0000:
I tried to use rbash to restrict a users capabilities but need to allow filetransfer (sftp). Unfortunatly the sftp-session is termianated immediately. Is there a chance to enable this combination?
Surely, IIRC sftp-server has some special shell (a minimal, non-interactive shell). Maybe /etc/shells is checked or such for security reasons. Maybe it has nothing to do with rbash? Did you tested it with a standard shell?
is bash standard enough? Yes it works fine with bash. But I fear I have not been precise enough. So to clear things. I want to have rbash (or a similar one) as customers login shell on our web-server. Remote users should be able to do at least sftp to the server. But if rbash is the login shell the sftp session is terminated immediatly. As workaround I installed a .profile in the user $HOME wich does nothing but: #!/bin/sh # # ftponly shell # trap "/bin/echo Sorry; exit 0" 1 2 3 4 5 6 7 10 15 # IFS="" Admin=theguruhimself@I-am.still-dreaming.tld System=`/bin/hostname`@`/bin/dnsdomainname` # /bin/echo /bin/echo "********************************************************************" /bin/echo " You are NOT allowed interactive access to $System." /bin/echo /bin/echo " Direct questions concerning this policy to $Admin." /bin/echo "********************************************************************" /bin/echo # # exit 0 Thanks Thom