I was afraid that might be the answer. Thanks for the quick responses. -----Original Message----- From: redhat-list-admin@xxxxxxxxxx [mailto:redhat-list-admin@xxxxxxxxxx] On Behalf Of Steve Sent: Tuesday, March 02, 2004 2:16 PM To: redhat-list@xxxxxxxxxx Subject: Re: Disallow shell access but not sftp? This has come up before, but the simple answer is "you cant" -- Steve. On Tue, 2 Mar 2004, Salmons, Michael wrote: > Hello, > > Does anyone know how one might disallow a user to logon to a secure > shell but still allow them to make a secure login for ftp (sftp)? I > want this person to have ftp access but not, specifically, have the > ability to run passwd. I tried changing their shell to a variety of > bogus filenames (/dev/null, /bin/ftponly, both as an empty file and as > a symlink to /dev/null), and discovered at that point that sftp must > allow an ssh login to work. I can't block in hosts.deny or allow > because this user obtains an ip from the same dhcp pool we all do; > denying by ip is no good. > > Any ideas? > > Thanks, > > Michael Salmons > salmonsm@xxxxxxxxxxxx > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
