HPE Community
Operating System - HP-UX
1753629 Members
5949 Online
108798 Solutions
New Discussion юеВ

sftp ??

 
SOLVED
Go to solution
MikeL_4
Super Advisor

тАО10-10-2006 07:16 AM

тАО10-10-2006 07:16 AM

sftp ??

We have a client that currently uses ftp to put files on our system. We have the user locked so he can only ftp, that is is default shell is: /bin/false.

when they try using sftp they enter there password and immediately get the message: connection closed.

I assume this is because we do not allow them login access to the server, is there any way around this besides giving them a shell instead of /bin/false ??
0 Kudos
5 REPLIES 5
IT_2007
Honored Contributor

тАО10-10-2006 07:22 AM

тАО10-10-2006 07:22 AM

Re: sftp ??

yes. User account might have been locked/deactivated. change shell to /usr/bin/sh and you can restrict user not to use "ftp" by putting his id into /etc/ftpd/ftpusers list.

0 Kudos
MikeL_4
Super Advisor

тАО10-10-2006 07:23 AM

тАО10-10-2006 07:23 AM

Re: sftp ??

I want the user to be able to use ftp or sftp, but not be able to login directly to the server.
0 Kudos
Calandrello
Trusted Contributor

тАО10-10-2006 07:44 AM

тАО10-10-2006 07:44 AM

Re: sftp ??

friend o ssh esta habilitado e funcionando ok ?
0 Kudos
IT_2007
Honored Contributor

тАО10-10-2006 08:11 AM

тАО10-10-2006 08:11 AM

Solution

Re: sftp ??

you need to use some script to restrict the user.

Here is the perl script which was tested.

#!/usr/bin/perl -w
#
# When used as a login shell in /etc/passwd, this only allows
# use of the scp program.


exit(1) if ( !defined($ARGV[0]) || $ARGV[0] ne "-c" );
exit(1) if ( !defined($ARGV[1]) || $ARGV[1] !~ /^scp / );
argv = split (/ /, $ARGV[1] );
exec {"/usr/bin/scp"} argv;

0 Kudos
MikeL_4
Super Advisor

тАО10-11-2006 01:21 AM

тАО10-11-2006 01:21 AM

Re: sftp ??

Thanks
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.