What I did was create /usr/bin/ports.pl that contains: #!/usr/bin/perl -w print "This account can only be used to forward ports\n"; <STDIN>; and just that. For the user in question, set up his/her shell to be /usr/bin/ports.pl (instead of /bin/bash or whatever). That way, when the user logs in in, they cannot do anything other than type enter to exit. Works for me, and is short enough that there aren't any security issues with it. (Can anybody see any that I've missed?) Peter -- Peter Valdemar Mørch http://www.morch.com
