Administrators Leon Posted August 16, 2012 Administrators Share Posted August 16, 2012 1. So let’s begin creating a pseudo shell named /bin/ftpaccess debian:~# touch /bin/ftpaccess debian:~# echo 'echo "This accout is for ftp access only"' > /bin/ftpaccess debian:~# echo 'exit 0' >> /bin/ftpaccess debian:~# chmod +x /bin/ftpaccess 2. It’s also necessary to include the just created pseudo FTP shell/bin/ftpaccess in your /etc/shells file. echo '/bin/ftpaccess' >> /etc/shells 3. Then edit your /etc/passwd and change in the user shell, you should edit a line similar to: ftp-user:x:1011:1005:FTP User,,,:/home/ftp-user:/bin/bash Afterwards the same user /etc/passwd line declaration should look like: ftp-user:x:1011:1005:FTP user,,,:/home/ftp-user:/bin/ftpaccess Now the ftp-user user should have an FTP file transfer upload/download access to the server but it’s SSH, SCP and SFTP access will be disabled. Talking about disabling access of SFTP it’s worthy to mention the RSSH Project . RSS is quite cool and is able to restrict a shell access via SSH but same time allow users to use the SFTP and SCP protocols. Other user feedback/experience for accomplishing the same task is very welcome! Link to comment Share on other sites More sharing options...
Recommended Posts