Re: Allow FTP in, but not shell login

To: debian-security@lists.debian.org
Subject: Re: Allow FTP in, but not shell login
From: Jörgen Persson <jpn@tlth.lth.se>
Date: Wed, 14 Mar 2001 09:38:36 +0100
Message-id: <[🔎] 20010314093836.C5219@tlth.lth.se>
Mail-followup-to: Jörgen Persson <jpn@tlth.lth.se>, debian-security@lists.debian.org
In-reply-to: <[🔎] 4.3.2.7.2.20010313120705.02f98650@10.10.40.54>; from eric.valor@lutris.com on Tue, Mar 13, 2001 at 12:08:17PM -0800
References: <[🔎] Pine.LNX.4.04.10103131855050.17891-100000@lolo.logina.lt> <[🔎] Pine.LNX.4.21.0103131044520.5206-100000@www.skyjammer.com> <[🔎] Pine.LNX.4.04.10103131855050.17891-100000@lolo.logina.lt> <[🔎] 20010313114832.B2055@mikef-linux-x86> <[🔎] 4.3.2.7.2.20010313120705.02f98650@10.10.40.54>

On Tue, Mar 13, 2001 at 12:08:17PM -0800, Eric N. Valor wrote:
> 
> Try setting the shell to /bin/true (and make sure this is listed in
> /etc/shells). /bin/true returns a zero result and exits. It allows you
> to "log in" via daemons that require a valid shell, yet won't allow
> telnet-style access (no real shell, just a "true" result).
[snip]

/usr/bin/passwd can sometimes be usefull as shell... By the way, check
the bugtraq archives -- remote exploits for accounts with /bin/false as
shell have been seen on there.

Jörgen

Reply to:

Follow-Ups:
- Re: Allow FTP in, but not shell login
  - From: "Neil Grant" <neilslists@yahoo.com>

References:
- Re: Allow FTP in, but not shell login
  - From: Andrius Kasparavicius <andrius@andrius.org>
- Allow FTP in, but not shell login
  - From: Kenneth Pronovici <pronovic@skyjammer.com>
- Re: Allow FTP in, but not shell login
  - From: Mike Fedyk <mikef@matchmail.com>
- Re: Allow FTP in, but not shell login
  - From: "Eric N. Valor" <eric.valor@lutris.com>

Prev by Date: Re: Allow FTP in, but not shell login
Next by Date: Re: Server reboots
Previous by thread: Re: Allow FTP in, but not shell login
Next by thread: Re: Allow FTP in, but not shell login
Index(es):
- Date
- Thread