[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] sftp with disabled shell access
- Subject: RE: [cobalt-security] sftp with disabled shell access
- From: "Yussef M. ElSirgany" <yelsir@xxxxxxxxxxxxxxxxxxx>
- Date: Mon, 07 Jan 2002 12:07:28 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Dear Uwe,
Simple comment out telnet from /etc/inetd.conf and restart inetd this will
stop the telnet services and you will still be able to have a valid
/etc/passwd shell line for any user + ssh access.
Just make sure sshd is running and you have a valid shell listed in
/etc/passwd before you do this otherwise you will be out of your own box! :)
Yussef M. ElSirgany
Magnatech Business Systems
Phone: 516-931-4444 Ext.105
Fax: 516-931-1264
Email: yelsir@xxxxxxxxxxxxxxxxxxx
> -----Original Message-----
> From: cobalt-security-admin@xxxxxxxxxxxxxxx
> [mailto:cobalt-security-admin@xxxxxxxxxxxxxxx]On Behalf Of Uwe Langer
> Sent: Monday, January 07, 2002 11:52 AM
> To: cobalt-security@xxxxxxxxxxxxxxx
> Subject: [cobalt-security] sftp with disabled shell access
>
>
> Hi,
>
> I would like to allow our users access to our RAQ 4i only via sftp or ftp
> but no shell access. If I disable Telnet/Shell Access, ssh and sftp also
> don't work.
>
> To solve this problem, is it a good idea to replace badsh by
> smrsh and put
> a link to sftp in the /usr/adm/sm.bin directory ? Or are there any better
> suggestions ?
>
> Thanks in advance !
>
> Uwe
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security