Re: how to create one user account which only can ftp and cannot telnet

Dennis Handly · ‎04-16-2009

>How to "include that in /etc/shells".

Just use vi on that file and add that line. If not there, you'll need to add the default shells:
/sbin/sh
/usr/bin/sh
/usr/bin/rsh
/usr/bin/ksh
/usr/bin/rksh
/usr/bin/csh
/usr/bin/keysh

You may want to leave out those r* shells. (And the scummy C shell, just to discourage it's use. ;-)

Ganesan R · ‎04-16-2009

Hi Eric,

Steps are little different for sftp. If you are using sftp use the shell opt/ssh/utils/sftponly instead of /usr/bin/false.

entry in password file should look like this..

user1:x:149:20:SFTP only user:/home/user1:/opt/ssh/utils/sftponly

Best wishes,

Ganesh.

James R. Ferguson · ‎04-16-2009

Hi:

> How to "You'll probably have to include that in /etc/shells" .

You might be amazed how questions like this can be answer by querying the manpages.

# man shells

...offers the principal insight, and following its "see also" references:

# man man getusershell

...tells you even more!

Regards!

...JRF...

Eric Unix · ‎04-16-2009

Hello ALL

Thanks for all of your help, and it work now . But if i want to user sftp. I found there are no " opt/ssh/utils/sftponly " in my current system. How to make it available ?

BR
thanks a lot.

ERIC

Look forward

James R. Ferguson · ‎04-16-2009

Hi (again):

> I found there are no " opt/ssh/utils/sftponly " in my current system. How to make it available ?

If you have Secure SHell installed you should have this:

# swlist|grep -i "secure shell"
T1471AA A.05.10.006 HP-UX Secure Shell

If you need this, then see:

http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA

Regards!

...JRF...

UVK · ‎04-16-2009

#touch /opt/ssh/utils/sftponly

and add those users to whom u want to give sftp access to that file

-uvk

-------------------------------------------
Like it or worked !! Click kudos !!

Eric Unix · ‎04-16-2009

Hello All

After add "/opt/ssh/utils/sftponly" in passwd file and touch /opt/ssh/utils/sftponly file

But show up error " access denied " after key in password in sftp tool

Please kidnly help me .

BR
eric

Look forward

avizen9 · ‎04-16-2009

please go through this doc

http://docs.hp.com/en/B2355-90685/ch02s07.html

Suraj K Sankari · ‎04-16-2009

Hi,

Are you able to do ssh into the box, if yes then check the file permission which you create now, what is the permission now?

check this also is there any # (hash) mark there in file /etc/ssh/sshd_config

Subsystem sftp /usr/libexec/openssh/sftp-server

Suraj

Ganesan R · ‎04-17-2009

Hi Eric,

Just touch the file is not enough.

#swlist |grep -i secure
T1471AA A.04.50.009 HP-UX Secure Shell

It should list like above. If not I would advice you to download and install HP secure shell from here..

http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA

That will create all the necessary files for you.

Best wishes,

Ganesh.

Re: how to create one user account which only can ftp and cannot telnet