Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

disable shell - enable proftpd

Posted on 2003-11-04
6
1,384 Views
Last Modified: 2013-12-16
debian woody
proftpd

i have enabled DefaultRoot ~ for ProFTPd

I wish to disable shell access for a given user and allow ftp access only.

best/easiest way to acheive this?

thanks
0
Comment
Question by:basko
  • 4
  • 2
6 Comments
 
LVL 38

Expert Comment

by:yuzh
ID: 9684378
Just created an account as a normal user account. But instead of
a shell,(/bin/csh, /bin/bash, ...) just put /bin/false as the
shell and that user won't be able to do shell login (eg, use telnet etc)

0
 

Author Comment

by:basko
ID: 9684396
it seems that when I do this  the ftp login fails also!?
0
 
LVL 38

Expert Comment

by:yuzh
ID: 9684533
Can you using ftp when it has a normal shell (/bin/csh, /bin/bash, ...).
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 38

Accepted Solution

by:
yuzh earned 300 total points
ID: 9684555
I don't has debian + ProFTPd, you can try the followings:

create a file /bin/ftpaccess

echo 'echo "This account is for ftp access only"' > /bin/ftpaccess

chmod a+x /bin/ftpaccess to give it execution rights

Add /bin/ftpaccess into the /etc/shells file
*It is important to have the other shells there as well

create an account that you want to have the ftp access only and for its shell, put /bin/ftpaccess

You will have to set the rights to the directory that you want the account go to.

If you try to telnet to that account, you will get the message "This account is for ftp access only".




0
 

Author Comment

by:basko
ID: 9684973
that seems to do the trick

i had to add #!/bin/bash at the head of the ftpaccess script

root can login to the account using su -s /bin/bash

thanks
0
 
LVL 38

Expert Comment

by:yuzh
ID: 9685035
For security reason, you should not allow root to do ftp. IF you have to allow
root to do FTP, use secure shell instead. (ssh comes with secure FTP, sftp).

Cheers!
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Daily system administration tasks often require administrators to connect remote systems. But allowing these remote systems to accept passwords makes these systems vulnerable to the risk of brute-force password guessing attacks. Furthermore there ar…
Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question