On Sun, 2006-01-29 at 21:57, Alin Osan wrote:
> techlist wrote:
> > I need to be able to allow specific system accounts to ftp to a box. As
> > far as I can tell I have to give them a shell in /etc/passwd (i.e.
> > /bin/bash) in order for their ftp login to work. I do *not* however
> > want them to be able to log into a shell or ssh session. I cannot
> > restrict by IP. What's the best way to accomplish this?
>
> You can edit your /etc/pam.d/vsftpd and comment/remove pam_shells.so,
> something like:
>
> #auth required pam_shells.so
>
> This will allow the login without shell access.
Or, you give then a shell like /bin/false that won't work
as a login shell and add it to the list in /etc/shells
so the ftp server's shell check will succeed.
--
Les Mikesell
lesmikesell@xxxxxxxxx
