Hi, would a shellscript like the following also do the work: ---------- #!/bin/sh # # ftponly shell # trap "/bin/echo Sorry; exit 0" 1 2 3 4 5 6 7 10 15 # IFS="" Admin=access@host.some.domain System=`/usr/ucb/hostname`@`/usr/bin/domainname` # /bin/echo /bin/echo "********************************************************************" /bin/echo " You are NOT allowed interactive access to $System." /bin/echo /bin/echo " User accounts are restricted to ftp and web access." /bin/echo /bin/echo " Direct questions concerning this policy to $Admin." /bin/echo "********************************************************************" /bin/echo # # C'ya # exit 0 ---------- -----Ursprüngliche Nachricht----- Von: Andreas Rittershofer [mailto:andreas@rittershofer.de] Gesendet am: Dienstag, 6. November 2001 14:05 An: suse-security@suse.com Betreff: Re: [suse-security] sftp without without a valid shell? On 6 Nov 01, at 10:39, Thorsten Marquardt wrote:

I like to offer some customers a kind off sftp account but to deny any login to this accounts. So I thought about having /bin/false as shell in /etc/passwd but this prevents sftp to. What can I do?

Install a dummy-shell. mfg ar -- mailto:andreas@rittershofer.de http://www.rittershofer.de PGP-Public-Key http://www.rittershofer.de/ari.htm -- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com