Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.mira.net.au!yarrina.connect.com.au!news.mel.connect.com.au!munnari.OZ.AU!news.ecn.uoknor.edu!paladin.american.edu!europa.chnt.gtegsc.com!news.kreonet.re.kr!usenet.seri.re.kr!news.cais.net!news.jsums.edu!gatech!newsfeed.internetmci.com!in2.uu.net!news.usaor.net!news From: Brian Hess <brian@usaor.net> Newsgroups: comp.unix.bsd.bsdi.misc Subject: Re: FTP access instead of Telnet Date: Fri, 08 Mar 1996 11:02:32 -0500 Organization: USA OnRamp Lines: 29 Message-ID: <31405A18.10BC@usaor.net> References: <4hmusr$58p@Nntp1.mcs.net> <4hnutf$71b@hatathli.csulb.edu> NNTP-Posting-Host: pc29.usaor.com Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 2.0 (Win95; I) There is a problem with this. They can still get to the entire directory structure /etc /usr outside of their home directory. What you need to add is the following: put them in their own group (e.g. ftponly) put this group in the /etc/ftpaccess file (see man ftaccess): # specify which group of users will be treated as "guests". guestgroup ftponly, ftp Then in their root directory you need to put ftp anon files: /bin /etc /pub /shlib > Try this: > > 1. create a shell script call say /bin/zzz that look something like: > > #!/bin/sh > echo > echo "You are only allowed FTP login" > echo > > 2. use vipw and change the user's login shell to /bin/zzz > 3. add /bin/zzz to the file /etc/shells > > The user will get that message when he tries to telnet or rlogin and get logged > out yet still have FTP access to what ever he's allowed to.