Re: No shell, Only FTP access
Am Donnerstag, den 06.04.2006, 23:30 +0200 schrieb Øyvind Lode:
> Hi
>
> Thank you :-)
>
> I'm just running a server for some friends and family so it's not that
> important.
>
> I stopped using ftp for some time and just scp/sftp but some compained
> about poor scp/sftp support in Dreamweaver so I put ftp back online.
>
> But I don't wan't all of them to have shell access though so for now I
> just gave these users /bin/false (and updated /etc/shells thanks to Mike
> Bird :-)
>
> My server has grown larger and larger with quite a few domains now and
> still rising but it's still just for "trused" friends etc but still i
> dont want all of them to have shell access.
>
> So since my service has grown a little bit more than first expected I
> will indeed check out your package suggestions because they look like
> being exactly what I need.
>
> And yes I considering switching to proftpd but havn't got the time yet
> and I also need to setup my own DNS service using BIND... And probably
> switch from Exim to Postfix for the MTA.
>
> And by the way I use SSL on all MySQL administration through phpMyAdmin :-)
>
> -Øyvind
>
>
>
> Roberto C. Sanchez wrote:
> > Øyvind Lode wrote:
> >> Hello all
> >>
> >> I running a webserver with multiple users and domains.
> >> I want some users to have no shell access, only FTP access to upload
> >> websites and chroot'ed in their home directory.
> >>
> >> I have all the domains located in /home/www/domainname1/ ,
> >> /home/www/domainname2/ etc.
> >>
> >> I give the user proper access to the domain under /home/www/.
> >> I chroot'ed the user in /home/www/domainname1/
> >> I gave shell /bin/false
> >>
> >> User is denied shell access but also FTP!!!
> >> If I give /bin/bash and test the user is logged inn and chroot'ed in
> >> /home/www/domainame1/
> >>
> >> I'm using vsFTPd.
> >>
> >> How can I deny shell access and allow FTP?
> >>
> >
> > You might get better answers on the debian-isp list.
> >
> > Have you considered any of the following?
> >
> > 1) Using a package like scponly or rssh? (You probably should not let
> > your users use an insecure protocol like ftp anyways)
> > 2) Using an ftp server that supports virtual users (not sure if vsftpd
> > does) so that they don't even have accounts on the machine?
> > 3) Using something like linux-virtual-server to give each user their own
> > disk space?
> >
> > -Roberto
> >
>
>
hello,
someone correct me if i'm wrong, but if you want to give a real user ftp
access he needs shell access. you could create a virtual user with vsftp
and deny ssh and ftp access to the real user. but i don't know how this
would affect chrooting and permissions. i'm afraid i can't help you with
creating virtual vsftp users, i never did it, but i shouldn't be very
difficult.
Grüße / Regards,
Oliver
--
Of course you have a purpose -- to find a purpose.
Reply to: