[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] SFTP

Subject: Re: [cobalt-users] SFTP
From: Richard Siddall <cobalt@xxxxxxxxxxx>
Date: Mon Jul 21 12:53:03 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Greg O'Lone wrote:

I know this is a topic gone over in the past, checked the archives but
couldn't find the answer I was looking for...anyway...

Is there something special I need to do to enable SFTP on a RaQ4? Right
now, when a user tries to log in, they get an error back from the box
that says:

************************* Access Denied *************************
*                                                               *
* Sorry, you do not have telnet/shell access to this Cobalt     *
* server.                                                       *
*                                                               *
*****************************************************************

But I thought that having telnet/shell access is a security risk? Is
there any way to let users have SFTP without the shell access?

If you set the user's shell to be sftp-server (well,"/usr/libexec/openssh/sftp-server" or whereever it is on your RaQ4), theuser will be able to use SFTP only. There's no way to do this throughthe GUI. You'll probably have to hack /etc/passwd.

I don't remember what was wrong with this approach other than the lackof GUI support, but I do remember there was some shortcoming with it.We concluded that we needed to look at a couple of opensource SFTPshells as we were not happy with deploying the sftp-server approach tocustomers.


Regards,

	Richard.

References:
- [cobalt-users] SFTP
  - From: Greg O'Lone

Prev by Date: Re: [cobalt-users] Time for something new?
Next by Date: Re: [cobalt-users] Qube3
Previous by thread: RE: [cobalt-users] SFTP
Next by thread: [cobalt-users] DNS: making .includes work

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index