Re: Best methods for preventing SSH allowing FTP

From: Blake Swensen (blake_at_pyramus.com)
Date: 08/21/03

  • Next message: Auto-reply from customer_support_at_thelotter.com: "Re: Your application" 
    Date: Wed, 20 Aug 2003 17:07:03 -0700
To: FreeBSD ISP List <freebsd-isp@freebsd.org>

    Thanks to all for chiming in on this one.

    I haven't had much luck with the /etc/login.access method. -- thanks
    Scott for reminding me -- It might have something to do with NIS(?), but
    it seems to be ignored (maybe because NIS groups aren't accessed by this
    method?).

    The myriad of shell ideas are interesting, but would need to be
    propagated to all machines on the network... this is do-able. I like
    the idea of writing a small script (thanks Walter) to send a little
    message to the user.

    Wasn't there some security issue around using a script as the default
    shell.... especially since one invokes a shell to make this work?

    Blake

    Blake Swensen wrote:
    > Anyone have suggestions for the best methods for locking an account so
    > that a user or a group can only ftp/POP/IMAP and prevent all other access.
    >
    > Blake 

    -- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Internet Rescue Company - http://www.pyramus.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Blake R. Swensen         Pyramus Online, Inc.
President                2080 SE Oak Grove Blvd. Suite 11
                          Milwaukie, Oregon 97267
                          800-327-5101
                          vox:503-353-0455
                          fax:503-353-0453
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"We measure success by the success of our clients"
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
  • Next message: Auto-reply from customer_support_at_thelotter.com: "Re: Your application"

    Relevant Pages

    • Re: Where are the clay specialists?
      ... Actually we should talk about hard court specialists...Roddick, Blake, ... Could be...or another pow would be that they're not very good players since they're not able to have success on all surfaces unlike players who have success on clay. ...
      (rec.sport.tennis)
    • Re: Windows Explorer, GPO, hide extensions with known file types
      ... if you'd lke to distrbute this via script: ... objReg.CreateKey HKEY_CURRENT_USER, strKeyPath ... "Blake" wrote in message ... > Can I set a GPO to uncheck this box for all our domain users? ...
      (microsoft.public.win2000.group_policy)
    • Re: Did Murray show the other players what they can do to beat Nadal?
      ... blake etc executed with such success - hitting hard and flat to the ...
      (rec.sport.tennis)
    • Re: error 80070035 using WinNT provider
      ... "Blake" wrote in message ... > This script runs OK if I log in as a domain administrator. ... A user has no rights, to query a domain controller using ADSI or WinNT. ...
      (microsoft.public.inetserver.asp.general)
    • Re: error 80070035 using WinNT provider
      ... "Blake" wrote in message ... > This script runs OK if I log in as a domain administrator. ... A user has no rights, to query a domain controller using ADSI or WinNT. ...
      (microsoft.public.win2000.active_directory)