-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ok, on your third question, you have to make a shell that does not
give them access to a telnet shell. here is the code I use:
#include <stdio.h>
int main()
{
printf(" You are allowed to log in the system using FTP only\n thus
now you are being logged off\n -Your System Administrator\n");
sleep(3);
return 0;
}
I called this ftponly.c and I compile it using "cc -o ftponly
ftponly.c" which then gave me the file, "ftponly"
Place this file in your /bin and then you need to add a new group to
/etc/group, and call it ftponly, you can do this by
running the groupadd command, which I invoked as "groupadd -g 105
ftponly"
By doing this, users will only have access to ftp and other services
which do not rely on a valid shell. I hope this helps.
- ----------------------------------------------------
It is a simple take to make things complex,
but a complex task to make them simple.
- ----------------------------------------------------
Trevor Reynolds
System Administrator
Todd Alan Communications
[EMAIL PROTECTED] ||| http://www.toddalan.com/
pgp key located at http://legend.toddalan.com/~graffix/pgp/trevor.asc
- -----Original Message-----
From: joyce grace touzo [SMTP:[EMAIL PROTECTED]]
Sent: Friday, April 24, 1998 2:52 AM
To: [EMAIL PROTECTED]
Subject: ftp server questions
I am configuring an FTP server included in Slakware Linux 2.0.30. The
FTP server is wu-ftpd v2.4.2. After reading the man pages and
trying-out some options, I found myself hanging with more questions
that
I can't find in the documentation. The questions are:
1. What's the use of the files passwd and group in the ~ftp/etc
directory? I tried renaming these files to see if it is being
reference
by the ftp server but I found that I can still login without it using
a
valid real account. It seems that the /etc/passwd is the one being
reference by the ftp server instead of the ~ftp/etc/passwd as I have
proven when I change the password in the /etc/passwd.
2. Where can I find the log file for the ftp? I can't see any line
in
/etc/ftpaccess that points to a file. The configuration file has the
lines:
log commands real,anonymous
log transfers anonymous,real inbound,outbound
3. I disabled the anonymous access and create real accounts with
anonymous privileges for more control. I use the adduser utility to
create the accounts. My problem is about security. Yes, the users
that
I made were able to connect to the ftp server but they can also telnet
to it. I tried to removed the shell field in the /etc/passwd file but
the ftp needs it. They cannot ftp to the server without the shell.
Is
there a way allowing the ftp but blocking the telnet?
Thanks in advance ???
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBNUCQj3xOdK5Ts/WpEQKbhQCgp2qERi3wmBqZbyypalYgih/+sUIAmQHn
gl+FspJ+j4T9vcrqqKlAOZRP
=QSNI
-----END PGP SIGNATURE-----
