replace the shell of the users in /etc/passwd with /sbin/nologin
example:
Code:root:---------------:0:0:root:/usr/local/root:/bin/sh nobody:x:99:99:nobody:/:/sbin/nologin ftp:----------------:501:501:Linux User,,,:/home/ftp:/sbin/nologin
Hi guys,
after configuration vsftpd I need to disallow ssh login (port 22) for all users in /etc/passwd except root user.
Exist any command to do that, or the easier way is to erase some char in /etc/passwd?
thx!
replace the shell of the users in /etc/passwd with /sbin/nologin
example:
Code:root:---------------:0:0:root:/usr/local/root:/bin/sh nobody:x:99:99:nobody:/:/sbin/nologin ftp:----------------:501:501:Linux User,,,:/home/ftp:/sbin/nologin
Here is an example for similar purpose which I can quickly find
http://subversion.apache.org/faq.htm...zed-keys-trick
However, you have to install openssh. dropbear doesn't allow this trick
Strange...
I copied the sample out of my own passwd file (I only changed the password-hash into -------) But I can use the user ftp for ftp, but not for ssh.
I'm using ProFTPD, and apparently that doesn't check if the usershell exists.
cause when I checked it at my router, I found that /sbin/nologin is missing.
I guess your ftp-server (vsftpd?) however does check it.
You can try it with /bin/false as the user-shell, that one does exist and serves the same purpose.