How about using a non-login shell for the accounts you don't want people logging in with? The most popular one to use is /bin/false I have a quick question. I'm a solaris admin that is now doing redhat admin work. Whenever I created false shells before (mostly for guest ftp accounts using wu-ftpd), I had to put the shell in /etc/shells for Solaris to recognize it as a valid shell (as an example, /etc/ftponly for anonymous ftp accounts). I still do it by habit for any shell I create but is it required on Redhat? I see /bin/false being used but not listed in the /etc/shells . My guess is that for non-login it doesn't have to be in /etc/shells, but for any kind of connections (like ftp) you need to have a valid shell listed in /etc/shells for the connection to work. Could anyone enlighten me on this? Thanks Ben Y == Original Message Below == We have 40+ machines that are NIS clients of one server. All the machines share a user filesyste. nfs mounted on each client. We want to prevent all but a select few to be able to login to the server. Since all machines have the same effective passwd file it is a problem. We are only interest in ssh access since we have blocked all other types of access to everyone. Any one have some ideas? -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
