
ftp login

 
TVS MURTY
Advisor

We have 2 machines - L1000 and L2000 - both running HP-UX 11.0 and identical in all respects.

We want to allow a particular login only for ftp. i.e. using this login one can only do an ftp but cannot login.
We are doing this by giving the shell for this login as /usr/bin/false. While this works fine on L2000, this doesn't work on L1000. It says 'access denied' when we try to initiate an ftp.

Can someone throw some light on this?

Regards,
Murty
4 REPLIES
Herve BRANGIER
Respected Contributor

Re: ftp login


Hi,

Your problem comes from /usr/bin/false, which is not a valid shell for the getusershell() function. You need to have /usr/bin/false in your /etc/shells file. If you don't have this file, you can put the default values of getusershell and /usr/bin/false in /etc/shells:

/usr/bin/sh
/usr/bin/rsh
/usr/bin/ksh
/usr/bin/rksh
/usr/bin/csh
/usr/bin/keysh
/usr/bin/false

You can verify in /var/adm/syslog/syslog.log that your problem really comes from a bad shell. And after the modification/creation of /etc/shells I think it works well.

Hope it helps,

Herve

Rajeev Tyagi
Valued Contributor

Re: ftp login

Hi Murty,

You need to add the shell name in /etc/shells and also verify that the usernames are not there in /etc/ftpusers.
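
The two checks named in the replies above (login shell listed in /etc/shells, user not listed in /etc/ftpusers), as an added example that is not part of the original thread. The function name, verdict strings and sample accounts are constructed for illustration; the fallback list used when the shells file is absent is the one given in the reply above, and file paths are passed as arguments so the check can be run against copies.

```shell
#!/bin/sh
# Added example: predicts whether an account passes the ftp shell and ftpusers checks.
# Fallback list used when the shells file does not exist (taken from the reply above).
DEFAULT_SHELLS="/usr/bin/sh /usr/bin/rsh /usr/bin/ksh /usr/bin/rksh /usr/bin/csh /usr/bin/keysh"

# in_list VALUE FILE: exact whole-line match, ignoring #-comments and blanks.
in_list() {
    awk -v v="$1" '{ sub(/#.*/, ""); gsub(/[ \t]+/, "") }
                   $0 == v { found = 1 } END { exit !found }' "$2"
}

# ftp_login_check USER PASSWD_FILE SHELLS_FILE FTPUSERS_FILE
# Prints one verdict: no-such-user, denied-shell, denied-ftpusers or allowed.
ftp_login_check() {
    user=$1 passwd=$2 shells=$3 ftpusers=$4
    # Field 7 of the passwd entry is the login shell; "x" marks a found entry.
    shell=$(awk -F: -v u="$user" '$1 == u { print "x" $7; exit }' "$passwd")
    [ -n "$shell" ] || { echo no-such-user; return 1; }
    shell=${shell#x}
    # Assumption: an empty shell field is treated as /usr/bin/sh.
    [ -n "$shell" ] || shell=/usr/bin/sh
    if [ -f "$shells" ]; then
        in_list "$shell" "$shells" || { echo denied-shell; return 1; }
    else
        case " $DEFAULT_SHELLS " in
            *" $shell "*) ;;
            *) echo denied-shell; return 1 ;;
        esac
    fi
    if [ -f "$ftpusers" ] && in_list "$user" "$ftpusers"; then
        echo denied-ftpusers; return 1
    fi
    echo allowed
}

# Constructed sample data: an ftp-only account with /usr/bin/false as its shell.
demo() {
    d=${TMPDIR:-/tmp}/ftpcheck.$$
    mkdir "$d" || return 1
    printf '%s\n' 'ftponly:*:201:20::/home/ftponly:/usr/bin/false' > "$d/passwd"
    printf '%s\n' /usr/bin/sh /usr/bin/ksh /usr/bin/false > "$d/shells"
    printf '%s\n' root > "$d/ftpusers"
    echo "no shells file:        $(ftp_login_check ftponly "$d/passwd" "$d/missing" "$d/ftpusers")"
    echo "false listed in shells: $(ftp_login_check ftponly "$d/passwd" "$d/shells" "$d/ftpusers")"
    rm -rf "$d"
}
demo
```

Running it against copies of the real files from both machines shows which of the two checks differs between them.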

thinphony
Advisor

Re: ftp login

Hi!

As mentioned above, you may modify the /etc/passwd file to use the new shell /bin/false, and add /bin/false to the file /etc/shells.

As a temp method, you can modify the .profile and add:

trap "" 1 2 3

exit

Manuel P. Ron
Frequent Advisor

Re: ftp login

I've implemented my ftp users with the restricted shell (/usr/bin/rsh). They can log in but can't change from the local directory nor use a slash in any command. It's another solution.

Crash programs fail because they are based on the theory that, with nine women pregnant, you can get a baby a month. - Wernher von Braun