View the full version: how create user access ftp with vsftpd, but no login shell?
Hi,
I created a new user in /tmp/etc/passwd with dev/null, but he can't access ftp (login wrong).
If I write bin/sh for this user, he can access ftp and shell with putty, but I don't want the new user to access the shell.
I read in another linux forum's vsftpd howto to create the user with /bin/true, but the result is the same as with dev/null (no ftp and no shell).
Any idea?
Tamadite
29-09-2008, 19:58
read http://wl500g.info/showthread.php?t=14745
Hi,
Thanks Tamadite for your answer, but I had already tried your howto and proftpd lags (10000ms). I don't understand why ...
But I found a solution in the vsftpd.conf man page,
with the command check_shell (Note! This option only has an effect for non-PAM builds of vsftpd. If disabled, vsftpd will not check /etc/shells for a valid user shell for local logins.)
vsftpd.conf
anonymous_enable=NO
local_enable=YES
local_root=/tmp/mnt/disc0_3/ftp_pub
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
vsftpd_log_file=/var/log/vsftpd.log
chroot_list_enable=YES
chroot_list_file=/opt/etc/vsftpd.chroot_list
check_shell=NO
ls_recurse_enable=YES
secure_chroot_dir=/opt/usr/share/empty
and the user in /tmp/etc/passwd
ClintEastwood:$xxxxxxxxx.:1000:1000:FTP User:/tmp/mnt/disc0_3/ftp_pub:/dev/null
and now the user can access ftp, with shell/telnet access denied
Use vsftpd and create a /opt/etc/profile starting with this content:
# Close any terminal session that does not belong to root
if [ "$(/opt/bin/whoami)" != root ]; then
    echo -e "USER IS NOT ALLOWED FOR ANY TERMINAL SESSION!\nCONNECTION CLOSED!"
    exit
fi
So now only the user root is able to log in! Be careful when you use such things!! If you write a wrong user in the if, you are not able to log in anymore!!!
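
The effect of the check_shell=NO setting posted above, as an added example that is not part of the original posts: the script reports, for each passwd entry, whether a non-PAM vsftpd's shell check would let it through and whether its shell field still gives a terminal session. The function names, the sample files and the list of non-shell paths are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the thread): for each passwd entry, report whether a
# non-PAM vsftpd would pass its shell check and whether the shell field still
# gives a terminal session. Sample files in demo() are constructed.

# conf_value FILE KEY DEFAULT: last KEY=value setting in a vsftpd.conf file
conf_value() {
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1)
    echo "${v:-$3}"
}

# audit PASSWD SHELLS CONF: prints "user ftp=ok|blocked terminal=yes|no"
audit() {
    check=$(conf_value "$3" check_shell YES)   # YES is the vsftpd default
    while IFS=: read -r user _ _ _ _ _ shell; do
        [ -n "$user" ] || continue
        ftp=ok                                  # shell check only, not the password
        if [ "$check" = YES ] && ! grep -qxF -- "$shell" "$2"; then
            ftp=blocked                         # shell not listed in the shells file
        fi
        case "${shell:-/bin/sh}" in             # an empty field means /bin/sh
            /dev/null|/bin/false|/bin/true|*/nologin) term=no ;;  # assumed list
            *) term=yes ;;
        esac
        echo "$user ftp=$ftp terminal=$term"
    done < "$1"
}

# demo: constructed sample files, audited with check_shell=YES and then NO
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'root:x:0:0:root:/root:/bin/sh' \
        'ClintEastwood:x:1000:1000:FTP User:/tmp/mnt/disc0_3/ftp_pub:/dev/null' \
        'legacy:x:1001:1001:no shell field:/tmp:' > "$d/passwd"
    printf '%s\n' '/bin/sh' > "$d/shells"
    for val in YES NO; do
        printf 'local_enable=YES\ncheck_shell=%s\n' "$val" > "$d/vsftpd.conf"
        echo "check_shell=$val"
        audit "$d/passwd" "$d/shells" "$d/vsftpd.conf"
    done
    rm -rf "$d"
}
demo
```

Any account reported as terminal=yes still gets a shell regardless of the vsftpd setting, including one whose shell field was left empty.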