"Matthias F. Brandstetter" <[EMAIL PROTECTED]> writes: > I have a question to all of you: What do you think, which would be the > "best", ie. "most secure" access to a webserver, so that users can > update their sites? > > To be more specific: I can't allow ssh login for most of this users > for several reasons, that's why I set /bin/false as login shell for > them. Ok, so no ssh, no ftp (sidenote: I hate [S]FTP[S] for several > reasons, ee. firewall issues and so forth).
Use ssh with a restricted shell. Restrict them to sftp only. Firewall issues? Fix the firewall. -- Björn Lindström <[EMAIL PROTECTED]> http://bkhl.elektrubadur.se/ ICQ: 82945879 -- [EMAIL PROTECTED] mailing list