allow SFTP FTP but not SSH. Can ??

Sun May 8 20:55:24 UTC 2005

Trevor TeC Christian wrote:
> I was just reading through the thread, and got a somewhat crazy idea.
> What if you give the ssh, sftp and ftp access, and just edit the users
> shell login script so that it logs them off before the complete
> logon?  Crazy huh?

then:
> fault in above suggestion - granting the user sftp access, he/shee
> could
> simply replace or remove the script running the logout command....

Now *that* objection can be got around.

chattr +i .bash_profile
man chattr says:
       A file with the ‘i’ attribute cannot be modified: it cannot be deleted
       or renamed, no link can be created to this file and  no  data  can  be
       written  to  the file.  Only the superuser or a process possessing the
       CAP_LINUX_IMMUTABLE capability can set or clear this attribute.

James.

-- 
E-mail address: james |     "Why is it we never meet anyone nice?"
@westexe.demon.co.uk  |     "Why is it we never meet anyone who can shoot
                      | straight?"
                      |     -- Lister and Cat, 'Red Dwarf'