Solved

disable shell - enable proftpd

Posted on 2003-11-04
6
1,386 Views
Last Modified: 2013-12-16
debian woody
proftpd

i have enabled DefaultRoot ~ for ProFTPd

I wish to disable shell access for a given user and allow ftp access only.

best/easiest way to acheive this?

thanks
0
Comment
Question by:basko
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 38

Expert Comment

by:yuzh
ID: 9684378
Just created an account as a normal user account. But instead of
a shell,(/bin/csh, /bin/bash, ...) just put /bin/false as the
shell and that user won't be able to do shell login (eg, use telnet etc)

0
 

Author Comment

by:basko
ID: 9684396
it seems that when I do this  the ftp login fails also!?
0
 
LVL 38

Expert Comment

by:yuzh
ID: 9684533
Can you using ftp when it has a normal shell (/bin/csh, /bin/bash, ...).
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 38

Accepted Solution

by:
yuzh earned 300 total points
ID: 9684555
I don't has debian + ProFTPd, you can try the followings:

create a file /bin/ftpaccess

echo 'echo "This account is for ftp access only"' > /bin/ftpaccess

chmod a+x /bin/ftpaccess to give it execution rights

Add /bin/ftpaccess into the /etc/shells file
*It is important to have the other shells there as well

create an account that you want to have the ftp access only and for its shell, put /bin/ftpaccess

You will have to set the rights to the directory that you want the account go to.

If you try to telnet to that account, you will get the message "This account is for ftp access only".




0
 

Author Comment

by:basko
ID: 9684973
that seems to do the trick

i had to add #!/bin/bash at the head of the ftpaccess script

root can login to the account using su -s /bin/bash

thanks
0
 
LVL 38

Expert Comment

by:yuzh
ID: 9685035
For security reason, you should not allow root to do ftp. IF you have to allow
root to do FTP, use secure shell instead. (ssh comes with secure FTP, sftp).

Cheers!
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question