disallow telnet for wu.ftpd "guests"

disallow telnet for wu.ftpd "guests"

Post by Jerry Boonst » Wed, 23 Oct 1996 04:00:00



Hi,

I've setup a bunch of REAL accounts on my Linux box that I've designated
as "guests" in /etc/ftpaccess.

Everything works great in FTP.  All accounts in the guest-group are
properly chroot()ed into their home directory and everything seems
relatively secure.

The problem is, these account CAN ALSO login via telnet and the chroot
does not take effect!  I need to either deny telnet access to these users
(while leaving FTP enabled) or I need to be able to chroot() them to their
home directory.  I cannot do either.

I've tried making their login shell (via /etc/passwd) both "/bin/false"
and "/bin/ftponly", but both times telnet AND ftp access were denied.
Help!

Thanks!

-jb-

Jerry Boonstra

--
Jerry Boonstra

 
 
 

disallow telnet for wu.ftpd "guests"

Post by Sven Hanse » Thu, 24 Oct 1996 04:00:00



> Hi,

> I've setup a bunch of REAL accounts on my Linux box that I've designated
> as "guests" in /etc/ftpaccess.

> Everything works great in FTP.  All accounts in the guest-group are
> properly chroot()ed into their home directory and everything seems
> relatively secure.

> The problem is, these account CAN ALSO login via telnet and the chroot
> does not take effect!  I need to either deny telnet access to these users
> (while leaving FTP enabled) or I need to be able to chroot() them to their
> home directory.  I cannot do either.

> I've tried making their login shell (via /etc/passwd) both "/bin/false"
> and "/bin/ftponly", but both times telnet AND ftp access were denied.
> Help!

> Thanks!

> -jb-

> Jerry Boonstra

> --
> Jerry Boonstra


--
      _,
Bye, (_
     ,_)ven.

+---------------------------------------------------+
| Sven Hansen              DEH Multimedia Soft GmbH |

| Phone: Work: +493461415071    Home: +491772494544 |
| Fax  : +493461415072                              |
|                 http://www.deh.de                 |
+---------------------------------------------------+

 
 
 

disallow telnet for wu.ftpd "guests"

Post by Christian Winkl » Thu, 24 Oct 1996 04:00:00




Quote:> I've tried making their login shell (via /etc/passwd) both "/bin/false"
> and "/bin/ftponly", but both times telnet AND ftp access were denied.

This is the behaviour I would expect. Try adding /bin/false to
/etc/shells. ftp should work find then. As /bin/false just returns
an error code the users who try to telnet to the machine get simply
kicked out.

That's at least how it works here :-).

Christian

 
 
 

disallow telnet for wu.ftpd "guests"

Post by Lok » Fri, 25 Oct 1996 04:00:00


: Hi,
:
: I've setup a bunch of REAL accounts on my Linux box that I've designated
: as "guests" in /etc/ftpaccess.
:
: Everything works great in FTP.  All accounts in the guest-group are
: properly chroot()ed into their home directory and everything seems
: relatively secure.
:
: The problem is, these account CAN ALSO login via telnet and the chroot
: does not take effect!  I need to either deny telnet access to these users
: (while leaving FTP enabled) or I need to be able to chroot() them to their
: home directory.  I cannot do either.
:
: I've tried making their login shell (via /etc/passwd) both "/bin/false"
: and "/bin/ftponly", but both times telnet AND ftp access were denied.
: Help!
:
: Thanks!
:
: -jb-
:
: Jerry Boonstra

:
: --
: Jerry Boonstra

put a shell script or something that echo's "you cannot login" in /bin,
then add that to /etc/shells

--
PGP print:      /--------------------------------------------\

10 40 73 C1 55   \ http://www.veryComputer.com/~slack/web/start.html \
C8 75 9B FF 9C 25 \--------------------------------------------/
* the 2 party system and protect your freedoms, vote Libertarian!
http://www.veryComputer.com/