On Mon, Dec 18, 2006 at 03:49:26PM +0100, L.W. van Braam van Vloten wrote: > Hello group, > > Is there any objection against adding /bin/false to the file > /etc/shells? Most notably, are there any security considerations? > > I wish to create a user that can log in to my FTP server, but without > shell access. I can prevent the shell access by specifying /bin/false > as the user shell. But my ProFTPD server will only allow this user to > log in if /bin/false is present in /etc/shells. By default this is not > the case. > You don't even need to have /bin/false in /etc/shells. In fact, you can give the user any binary which is not in /etc/shells and he won't be able to log in. But /bin/false is the usual for users not permitted to login via the shell.
Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
