[HPADM] Restricted SFTP without user being able to SSH into server.

• Previous message: Johnson, Craig E: "[HPADM] RE: Snapshop on HP-UX"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Fri, 25 Mar 2005 14:33:56 -0500
To: <hpux-admin@dutchworks.nl>

We are migrating to servers where security policy dictates secure ftp
sessions only. In the past we just used restricted FTP with the user's
shell prompt set to /bin/false or /etc/ftponly.

When I do an sftp to that server, I get a message "illegal user XYZ from
ip ..." and the access is denied. When I set the shell to /bin/sh, I
can sftp into the server, but it is not directory restricted to their
home directory. Also, the user can use SSH to login to the server,
which is most undesirable.

I have dug around on man pages, Googled, and looked at OpenSSH.org, but
cannot find out a way to configure the sshd or sftp to make sftp work
like restricted FTP.

   Thanks

   -Jim

--
             ---> Please post QUESTIONS and SUMMARIES only!! <---
        To subscribe/unsubscribe to this list, contact majordomo@dutchworks.nl
       Name: hpux-admin@dutchworks.nl     Owner: owner-hpux-admin@dutchworks.nl
 
 Archives:  ftp.dutchworks.nl:/pub/digests/hpux-admin       (FTP, browse only)
            http://www.dutchworks.nl/htbin/hpsysadmin   (Web, browse & search)

• Previous message: Johnson, Craig E: "[HPADM] RE: Snapshop on HP-UX"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]