On 21-Jun-01 Andreas Rittershofer wrote:
Is it necessary to have a shell account on the machine? I have users which only have ftp access. Is it possible to have users with sftp but no shell?
Yes, it's possible, at least with ssh and its ssh-dummy-shell which has been designed for this purpose. However, I wasn't too successful with other shells (false, noshell, scripts, etc.).
I just tried it with false, it didn't work.
Now I look out for this dummy shell and will test it.
ssh-dummy-shell is part of the ssh package for Linux from ssh.fi (ftp.ssh.fi/pub/ssh/ssh-2.4.0.tar.gz). I don't know wether it runs with OpenSSH. The trick of this dummy-shell is that it provides ssh wrapping of your sftp connection without the need of shell access.
Rejecting console access is highly recommended for sftp users just doing data transfer (e. g. for updating web pages).
Thats exactly what I want.
mfg ar
-- mailto:andreas@rittershofer.de http://www.rittershofer.de PGP-Public-Key http://www.rittershofer.de/ari.htm
---
Boris Lorenz