Date: Thu, 16 Dec 2004 22:44:11 +0100 From: Simon Barner <barner@gmx.de> To: Josh Paetzel <josh@tcbug.org> Cc: questions@freebsd.org Subject: Re: sftp and shell access Message-ID: <20041216214411.GK53897@zi025.glhnet.mhn.de> In-Reply-To: <200412141011.23225.josh@tcbug.org> References: <200412141011.23225.josh@tcbug.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--fz0LNKsoEivY4NpG Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Josh Paetzel wrote: > I am looking for a way to give a user an sftp account without giving=20 > them a shell. So far I've tried setting their shell=20 > to /sbin/nologin, but when they try to log in via sftp it gives them=20 > a "message to long" error. >=20 > Any pointers would be appreciated...I've tried the FAQ, handbook and=20 > google so far. Hi, I am using ports/shells/scponly for this purpose. It even comes with a neat little script 'setup_chroot.sh' which automagically sets up a chroot cage for your scp/sftp user (it will also create the user itself). Have a look at the beginning of the port's Makefile for a list of available options. The only thing I couldn't get to work (I was in a hurry then) was authentication with ssh-keys. If you get this one running, please be so kind and drop me a line. Simon --fz0LNKsoEivY4NpG Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (FreeBSD) iD8DBQFBwgGrCkn+/eutqCoRAnsKAKCe/zirkFudyY5uyNlWINGZRPQDuACfdK3+ LFMu7TYf/9mCmyIwbU8Ouhk= =v1vM -----END PGP SIGNATURE----- --fz0LNKsoEivY4NpG--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041216214411.GK53897>