Generally if ssh is enable, user can do both ssh as well as sftp. But some time business need that list of user should be able to do the sftp only and ssh for these users should be disabled.
1. To achieve this check openssh is installed on you unix box.
2. Start ssh service "/etc/init.d/sshd start"
2. Run command "env|grep -i shell" to find the default shell for user.
3. find the path of sftp-server in /usr/lib. (in my env. OEL5 path is /usr/libexec/openssh/sftp-server)
4. Run cammand to change the shell for user:
usermod -s /usr/libexec/openssh/sftp-server
5. now try to do the ssh with this user
ssh
This will not work.
6. Now try sftp
This will work.
After this user will be able to do only sftp and ssh would not work for these users for which login shell has been changed.
No comments:
Post a Comment