On Wed, Jul 23, 2003 at 10:12:45PM -0400, you [Igor Pechtchanski] wrote: > > Instead of setting the shell to /bin/false, set it to a script that checks > the parameters (e.g., which program is invoked), and quits with a non-zero > return code if the program is not "sftp", for example. That same script > can also do "chroot" to your FTP directory, so the user can't get out of > it. Be sure to set all the relevant shell variables in the script (e.g., > PATH, IFS, etc).
There are a couple of such scripts available. Search the openssh mailing list archive. rssh is one of them: http://www.pizzashack.org/rssh scponly is another: http://www.sublimation.org/scponly/ There may be others. -- v -- [EMAIL PROTECTED] -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
