Yup, On 07-Nov-01 Teodor Cimpoesu wrote:
Hi Boris! On Wed, 07 Nov 2001, Boris Lorenz wrote:
Hi,
On 06-Nov-01 Teodor Cimpoesu wrote:
Hi Andreas! On Tue, 06 Nov 2001, Andreas Rittershofer wrote:
On 6 Nov 01, at 10:39, Thorsten Marquardt wrote:
I like to offer some customers a kind off sftp account but to deny any login to this accounts. So I thought about having /bin/false as shell in /etc/passwd but this prevents sftp to. What can I do? put /bin/false in /etc/shells and set /bin/false as shell [discl: not tested]
this works with ftp, but not with sftp, which is part of the ssh package.
I've gone thru all the options two years ago... /bin/false, /bin/noshell, my own (perl-)shells, to no avail. Only ssh-dummy-shell does the trick.
If there's an alternative to it, I would be happy to learn.
[another not tested rant :)] maybe: auth required /lib/security/pam_shells.so instead of: auth required /lib/security/pam_nologin.so in /etc/pam.d/sshd?
yeah, the PAM thing... Trouble is I *LOATHE* PAM... Don't know why. Maybe I suck at it ;) I still use ssh-dummy-shell. Works cleanly. However, thanks to teo and Kurt for the tips. I will visit some sites and think about it.
-- teodor
Boris Lorenz <bolo@lupa.de> ---