Solved

disable shell - enable proftpd

Posted on 2003-11-04
6
1,388 Views
Last Modified: 2013-12-16
debian woody
proftpd

i have enabled DefaultRoot ~ for ProFTPd

I wish to disable shell access for a given user and allow ftp access only.

best/easiest way to acheive this?

thanks
0
Comment
Question by:basko
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 38

Expert Comment

by:yuzh
ID: 9684378
Just created an account as a normal user account. But instead of
a shell,(/bin/csh, /bin/bash, ...) just put /bin/false as the
shell and that user won't be able to do shell login (eg, use telnet etc)

0
 

Author Comment

by:basko
ID: 9684396
it seems that when I do this  the ftp login fails also!?
0
 
LVL 38

Expert Comment

by:yuzh
ID: 9684533
Can you using ftp when it has a normal shell (/bin/csh, /bin/bash, ...).
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 38

Accepted Solution

by:
yuzh earned 300 total points
ID: 9684555
I don't has debian + ProFTPd, you can try the followings:

create a file /bin/ftpaccess

echo 'echo "This account is for ftp access only"' > /bin/ftpaccess

chmod a+x /bin/ftpaccess to give it execution rights

Add /bin/ftpaccess into the /etc/shells file
*It is important to have the other shells there as well

create an account that you want to have the ftp access only and for its shell, put /bin/ftpaccess

You will have to set the rights to the directory that you want the account go to.

If you try to telnet to that account, you will get the message "This account is for ftp access only".




0
 

Author Comment

by:basko
ID: 9684973
that seems to do the trick

i had to add #!/bin/bash at the head of the ftpaccess script

root can login to the account using su -s /bin/bash

thanks
0
 
LVL 38

Expert Comment

by:yuzh
ID: 9685035
For security reason, you should not allow root to do ftp. IF you have to allow
root to do FTP, use secure shell instead. (ssh comes with secure FTP, sftp).

Cheers!
0

Featured Post

Stressed Out?

Watch some penguins on the livecam!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question