Re: Is ssh not safe?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Saturday 24 July 2004 1:37 pm, Michael Sullivan wrote:
>  Or is there a safer way to allow them to change
>  their passwords?

Hi,

It seems that the main reason for your users to contact your server is for 
uploading/retrieving files right? They don't need shell access at all. You 
could change their shell on /etc/passwd (the last argument on each line) to 
/bin/false ...therefore they can only use SFTP which works fine if you're 
using a SSH Daemon.  There are many sftp clients for Windows: FileZilla, 
CuteFTP etc.

Hah? But how are they going to change their password? Without shell access I 
think there's no easy way...so forger about /bin/false. I would edit 
their .bashrc and place at the end two lines:

passwd
exit

This way, as soon as they enter your server (with a ssh client) they will 
receive the passwd prompt..as soon as they change their password they're 
kicked out.  There may be some security issues here but...it is much better 
than letting them inside your server.  (On the .bashrc example..I did on my 
machine with another user...When I got the passwd prompt..I tried to do 
CTRL-C to see if I could get shell access...but I couldn't).

HTH,
Jorge



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux