ftp and shell access

[Janina Sajka]

"Something that doesn't let them log in?" Are you referring to anonymous ftp? You need to be careful with anonymous ftp
as there are many known attacks based on it. 

You need to run an ftp server, of course. Go to /usr/doc and look for what particular one your distribution installed.
With Red Hat systems this would be wu-ftpd, which includes an excellent HOWTO on setting up security for anonymous ftp
logins, as well for securing "guest" access, meaning named users with their own passwords.

If you are talking about named users, you should read about hosts.allow and hosts.deny. which can define what services
users are provided.

If you're not thinking of anything that elaborate, just don't assign accounts. You don't need an account for anonymous
ftp access.

Of course, there's little reason these days to run a telnet server. If you're doing that, stop doing it. 

On Sun, 28 Apr 2002, Deedra Waters wrote:

> That worked. I  was hoping for something  that wouldn't let them log in at
> all, but if this does the same thing then I won't complain.:p Thank you
> 
> 
> On Sat, 27 Apr 2002, Adam Myrow wrote:
> 
> > The advice I've always heard on this is to set their shell to /bin/false.
> > I don't know how well this works, but I assume they'd get a login screen
> > and then immediately exit.  If anybody has a better approach, speak up!
> > 
> > 
> > 
> > _______________________________________________
> > Speakup mailing list
> > Speakup at braille.uwo.ca
> > http://speech.braille.uwo.ca/mailman/listinfo/speakup
> > 
> 
> 
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
> 

-- 
	
				Janina Sajka, Director
				Technology Research and Development
				Governmental Relations Group
				American Foundation for the Blind (AFB)

Email: janina at afb.net		Phone: (202) 408-8175

Chair, Accessibility SIG
Open Electronic Book Forum (OEBF)
http://www.openebook.org