Quoth Peter Good, > usergroup telnet ftp > access10 no yes > access20 no yes > shells yes yes > allothers yes yes > > It's a web hosting box, that also hosts shell accounts. the people with > webpage packages don't need telnet and all webpage accounts have their > own directory structure, eg /home/webpageusers/username
Change the shell of the users who you don't want to allow interactive logins (ssh and telnet) to something that will disallow them shell access, such as /bin/true (or /bin/nologin, i think someone once suggested). Add that shell to /etc/shells, so that the ftp daemon will see it as a valid shell and allow them ftp access. I don't know how you'd do it for groups, but this certainly works on a per-user basis. cheers, damon -- Damon Muller ([EMAIL PROTECTED]) / It's not a sense of humor. * Criminologist / It's a sense of irony * Webmeister / disguised as one. * Linux Geek / - Bruce Sterling - Running Debian GNU/Linux: Doing my bit for World Domination (tm) -
pgp8YuFUHOsZU.pgp
Description: PGP signature
