Actually, that's what I do to give someone a login, without giving them
shell access. I have a hellosh that just gives them a menu whose only
possible action is to log off. I do this to enable user SSHtunnels.
Assigning them to nobody:nogroup should restrict them sufficiently from your
filesystem. Seriously severe restriction can be done by creative use of
chroot, in login init scripts. Use Quota for disk space restrictions.

|> -----Original Message-----
|> From: Alexander Werth (gmx) [mailto:[EMAIL PROTECTED]]
|> Sent: Sunday, September 09, 2001 5:20 PM
|> Subject: access to account without shell?
|> Hy,
|> I have some accounts without login shell (calling a noshell 
|> script) on
|> my computer. I'm concerned that these could be accessed somehow with
|> sftp or similar features of OpenSSH. Is it possible to disable these
|> accounts for ssh? Or otherwise enable just the others?
|> Alexander Werth

Reply via email to