msgbartop
MAC OS X, Linux, Windows and other IT Tips and Tricks
msgbarbottom

22 Nov 16 Forcing pam users to use only FTPS and block SFTP/SSH

Introduction:
I needed to force certain PAM users(configured in /etc/passwd) to use FTPS and block them from using SSH or SFTP.
Here is a solution I found in:
http://askubuntu.com/questions/93411/simple-easy-way-to-jail-users

Solution:
Add to /etc/shells a new shell:
vim /etc/shells
Add one line:
/bin/false
Save. For each user you want to deny ssh/sftp, change the user’s shell:
usermod -s /bin/false userx
Now userx cannot log in via ssh/sftp.
Install vsftpd:
apt-get install vsftpd
Edit the config file:
vim /etc/vsftpd.conf
And some changes….
anonymous_enable=NO
local_enable=YES
chroot_local_user=YES

Save. Restart vsftpd:
/etc/init.d/vsftpd restart

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: