Date: Wed, 28 Feb 2001 12:49:54 +0700 (JAVT) From: Q Yai QQ <riki@maiser.unila.ac.id> To: Carroll Kong <damascus@home.com> Cc: Roelof Osinga <roelof@eboa.com>, freebsd-security@FreeBSD.ORG Subject: Re: ftp access Message-ID: <Pine.BSF.4.21.0102281245260.54170-100000@maiser.unila.ac.id> In-Reply-To: <4.2.2.20010228002521.00c58340@netmail.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
hai guys,... i try to do chpass user's shell,... to change his shell to /sbin/nologin it work,... but,.when i get access via ftp,.... the server not allow me,...just for a second i get in,.. then,. disconnect very fast,... what's wrong,... thank's for u'r respon,. On Wed, 28 Feb 2001, Carroll Kong wrote: > At 05:47 AM 2/28/01 +0100, Roelof Osinga wrote: > >Rob Simmons wrote: > > > > > > /sbin/nologin as the user's shell. You also have to add this shell to > > > /etc/shells > > > >Alas, no. > > > >Not on 4.2 anyway. Just today - ok, technically yesterday, but who's > >counting? - I realized that the client was right after all. He could > >not log in indeed. Due to /sbin/nologin. > > > >When using regular ftpd. Using ProFTPd no problem. > > > >Ah, as a matter of fact, I was using inetd. Haven't tried > >daemon mode with 4.2 yet. Who knows? There might be hope, still. > > > >Roelof > > That is odd. The reason why ftpd does not work is because........ man ftpd > shows > > 4. The user must have a standard shell returned by > getusershell(3). > > So, man getusershell shows > > The getusershell() function returns a pointer to a legal user shell as > defined by the system manager in the file /etc/shells. If /etc/shells is > unreadable or does not exist, getusershell() behaves as if /bin/sh and > /bin/csh were listed in the file. > > This is very odd, unless I am forgetting something I did, I JUST > did this with a client two days ago on 4.2-STABLE. Telnet results in "not > authorized" or something like that, and ftpd lets them in happily. Same > user name and all. Please look it over, I am outright positive it > works! (ok, maybe 99.99999% sure). What is the error message? User > denied? Check man ftpd for that list of "reasons why ftpd would tell your > user to go away". > > -Carroll Kong > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > >>>>>>>>>>>>>>>>>*****<<<<<<<<<<<<<<<<< riki@unila.ac.id visit my homepage and sign my guestbook http://unilanet.unila.ac.id/~qq --------------------------------------- --------------------------------------- & __& &__ // \\ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0102281245260.54170-100000>