Re: Adding /bin/false to /etc/shells
> On Mon, Dec 18, 2006 at 03:49:26PM +0100, L.W. van Braam van Vloten wrote:
> > Is there any objection against adding /bin/false to the file
> > /etc/shells? Most notably, are there any security considerations?
> >
> > I wish to create a user that can log in to my FTP server, but without
> > shell access. I can prevent the shell access by specifying /bin/false
> > as the user shell. But my ProFTPD server will only allow this user to
> > log in if /bin/false is present in /etc/shells. By default this is not
> > the case.
On 18.12.06 12:10, Roberto C. Sanchez wrote:
> You don't even need to have /bin/false in /etc/shells. In fact, you can
> give the user any binary which is not in /etc/shells and he won't be
> able to log in. But /bin/false is the usual for users not permitted to
> login via the shell.
and permitted to log in via FTP.
Yes, logins like ftponly, passwd, scponly and nologin are more intuitive...
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
It's now safe to throw off your computer.
Reply to: