01-17-2003
NO Shell access is easy - set the shell in the /etc/passwd file to something like /etc/ftponly which can be a non-existent file or one with the following:
#! /bin/sh
#
# @(#)true.sh 1.5 88/02/07 SMI; from UCB
#
umask 002
exit 0
As long as /etc/ftponly is not listed in /etc/shells, you will not be allowed to login (but can still ftp in). If you list /etc/ftponly in /etc/shells, then the above shell will keep anyone from logging in except via ftp.
As far as keeping the person in a directory...I don't believe that the normal ftpd allows setting this up. There are free ftp daemons that will do this and more. One is
WU-FTP. Others have posted answers to this in the past - try a search for 'ftp free'.
10 More Discussions You Might Find Interesting
1. Solaris
I want to setup a user on my server and only allow that user to ftp to my server but not to be able to get to command line (telnet /ssh)
I ammended my /etc/passwd so the users shell would be /usr/bin/false and this prevents log on but it also prevents the ftp..
Any ideas? (1 Reply)
Discussion started by: frustrated1
1 Replies
2. Solaris
Hi All,
I'm using solaris 2.8, and I want create a new ftp user account with the following restrictions:
- Have only ftp access, no telnet or rlogin
- Have restricted access to its home directory example /export/home/newuser
- Deny access to any other directory.
Thanks for your help,
... (6 Replies)
Discussion started by: Jeremy3
6 Replies
3. UNIX for Advanced & Expert Users
Hi All,
It will be very great if you can help me in this issue. Thanks in advance.
I need to enable FTP on a solaris9 server. I need to create a new user some "xxxxxx" and he can only FTP the files to and from between /tftpboot directory and network devices. Other users should not... (8 Replies)
Discussion started by: santhoshkumar_d
8 Replies
4. UNIX for Advanced & Expert Users
Hi all,
How can i give ftp access to single user on solaris9 system? others should not have the ftp access. i know about ftpusers file in /etc/ftpd but still what about if so many new users are created daily?
And now for that single user how can we restict him to ftp the files only from... (2 Replies)
Discussion started by: santhoshkumar_d
2 Replies
5. Shell Programming and Scripting
Hi all,
I have a project on going that combines two different departments. I cannot give detais on this project, I´m sure everybody understands that, but I would like your help on giving me pointers on how to give an existing user access to ftp, without the need to give him full access. So here... (0 Replies)
Discussion started by: Alexis Duarte
0 Replies
6. AIX
Hi,
We have Oracle Database on AIX 5.3 server.We want to give ftp access to a user to a specific folder.He should be able to put and get files from that specific folder only.Moreover he should not be able to cd to any other filesystems also along with root directory.
Please note that as per... (1 Reply)
Discussion started by: dwiravi
1 Replies
7. UNIX for Advanced & Expert Users
Hi all,
Can someone help me with creating user with special privilegies?
I need to create user who will have access ONLY to one folder (like /etc/log/) through ftp (read only access) and which will not have any other ways to log in like telnet, ssh etc.? (5 Replies)
Discussion started by: nypreH
5 Replies
8. AIX
Hi all,
I'm using AIX v 5.3
I want to create system users to access through ftp or sftp and restrict those users into specific directory and don't traverse the whole file system just to be restricted within a directory and don't get shell access . i don't want to use any other third party... (7 Replies)
Discussion started by: h@foorsa.biz
7 Replies
9. Shell Programming and Scripting
Hi Experts,
I am in urgent need of your suggestions.
I have below two users in my system:
xyz:x:101:101:XYZ System Account:/export/home/xyz:/bin/bash
abc:x:2009:10:ftp user only:/export/home/abc:/bin/false
Where "xyz" is the crucial one and "abc" is only introduced for FTPing the... (2 Replies)
Discussion started by: sugarcane
2 Replies
10. Solaris
Hi,
I have searched "Limit FTP user's access to a specific directory" subject for 3 days. I found proftp and vsftp but i couldn't compile and install. Is there any idea. Please suggest. (6 Replies)
Discussion started by: hamurd
6 Replies
FTPFS(4) Kernel Interfaces Manual FTPFS(4)
NAME
ftpfs - file transfer protocol (FTP) file system
SYNOPSIS
ftpfs [ -/dq ] [ -m mountpoint ] [ -a password ] system
DESCRIPTION
Ftpfs dials the TCP file transfer protocol (FTP) port, 21, on system and mounts itself (see bind(2)) on mountpoint (default /n/ftp) to pro-
vide access to files on the remote machine. If required by the remote machine, ftpfs will prompt for a user name and password. The user
names ftp and anonymous conventionally offer guest/read-only access to machines. Anonymous FTP may be called without user interaction by
using the -a option and specifying the password.
By default the file seen at the mount point is the user's remote home directory. The option -/ forces the mount point to correspond to the
remote root.
To avoid seeing startup messages from the server use option -q. To see all messages from the server use option -d.
To terminate the connection, unmount (see bind(1)) the mount point.
EXAMPLE
You want anonymous FTP access to the system export.lcs.mit.edu. The first import(4) command is only necessary if your machine does not
have access to the desired system, but another, called gateway in this example, does.
import gateway /net
ftpfs -a yourname@yourmachine export.lcs.mit.edu
SOURCE
/sys/src/cmd/ftpfs
SEE ALSO
bind(2)
BUGS
Symbolic links on remote Unix systems will always have mode 0777 and a length of 8.
After connecting to a TOPS-20 system, the mount point will contain only one directory, usually /n/ftp/PS:<ANONYMOUS>. However, walking to
any valid directory on that machine will succeed and cause that directory entry to appear under the mount point.
Ftpfs caches files and directories. A directory will fall from the cache after 5 quiescent minutes or if the local user changes the direc-
tory by writing or removing a file. Otherwise, remote changes to the directory that occur after the directory has been cached might not be
immediately visible.
There is no way to issue the appropriate commands to handle special synthetic FTP file types such as directories that automatically return
a tar of their contents.
FTPFS(4)