Re: No shell, Only FTP access

To: debian-user@lists.debian.org
Subject: Re: No shell, Only FTP access
From: Oliver Jato <oliver.jato@gmx.de>
Date: Fri, 07 Apr 2006 13:02:41 +0200
Message-id: <[🔎] 1144407761.8726.11.camel@flyricky.lan>
Reply-to: oliver.jato@gmx.de
In-reply-to: <[🔎] 4435885C.30006@online.no>
References: <[🔎] 44355B92.1060608@online.no> <[🔎] 44357F26.4080401@familiasanchez.net> <[🔎] 4435885C.30006@online.no>

Am Donnerstag, den 06.04.2006, 23:30 +0200 schrieb Øyvind Lode:
> Hi
> 
> Thank you :-)
> 
> I'm just running a server for some friends and family so it's not that 
> important.
> 
> I stopped using ftp for some time and just scp/sftp but some compained 
> about poor scp/sftp support in Dreamweaver so I put ftp back online.
> 
> But I don't wan't all of them to have shell access though so for now I 
> just gave these users /bin/false (and updated /etc/shells thanks to Mike 
> Bird :-)
> 
> My server has grown larger and larger with quite a few domains now and 
> still rising but it's still just for "trused" friends etc but still i 
> dont want all of them to have shell access.
> 
> So since my service has grown a little bit more than first expected I 
> will indeed check out your package suggestions because they look like 
> being exactly what I need.
> 
> And yes I considering switching to proftpd but havn't got the time yet 
> and I also need to setup my own DNS service using BIND... And probably 
> switch from Exim to Postfix for the MTA.
> 
> And by the way I use SSL on all MySQL administration through phpMyAdmin :-)
> 
> -Øyvind
> 
> 
> 
> Roberto C. Sanchez wrote:
> > Øyvind Lode wrote:
> >> Hello all
> >>
> >> I running a webserver with multiple users and domains.
> >> I want some users to have no shell access, only FTP access to upload
> >> websites and chroot'ed in their home directory.
> >>
> >> I have all the domains located in /home/www/domainname1/ ,
> >> /home/www/domainname2/ etc.
> >>
> >> I give the user proper access to the domain under /home/www/.
> >> I chroot'ed the user in /home/www/domainname1/
> >> I gave shell /bin/false
> >>
> >> User is denied shell access but also FTP!!!
> >> If I give /bin/bash and test the user is logged inn and chroot'ed in
> >> /home/www/domainame1/
> >>
> >> I'm using vsFTPd.
> >>
> >> How can I deny shell access and allow FTP?
> >>
> > 
> > You might get better answers on the debian-isp list.
> > 
> > Have you considered any of the following?
> > 
> > 1) Using a package like scponly or rssh? (You probably should not let
> > your users use an insecure protocol like ftp anyways)
> > 2) Using an ftp server that supports virtual users (not sure if vsftpd
> > does) so that they don't even have accounts on the machine?
> > 3) Using something like linux-virtual-server to give each user their own
> > disk space?
> > 
> > -Roberto
> > 
> 
> 

hello,
someone correct me if i'm wrong, but if you want to give a real user ftp
access he needs shell access. you could create a virtual user with vsftp
and deny ssh and ftp access to the real user. but i don't know how this
would affect chrooting and permissions. i'm afraid i can't help you with
creating virtual vsftp users, i never did it, but i shouldn't be very
difficult.

Grüße / Regards,
Oliver
--
Of course you have a purpose -- to find a purpose.

Reply to:

References:
- No shell, Only FTP access
  - From: Øyvind Lode <o-lode@online.no>
- Re: No shell, Only FTP access
  - From: "Roberto C. Sanchez" <roberto@familiasanchez.net>
- Re: No shell, Only FTP access
  - From: Øyvind Lode <o-lode@online.no>

Prev by Date: packages meltdown
Next by Date: (no subject)
Previous by thread: Re: No shell, Only FTP access
Next by thread: Re: No shell, Only FTP access
Index(es):
- Date
- Thread