I have a computer set up with Red Hat 9 and have sshd all set up and working. I also have a FTP server on the same box, with one account that all FTP users use to gain access to. I've looked around in man files, searched on google etc but (unless I missed something) haven't been able to find a way to restrict a user from using SSH. What I want is to disable the FTP account's ability to login through SSH and change their password or something similarly hideous. Is this even the right way to look at the problem, or is there another way I should be looking at this? Thanks.

check out the DenyUsers options in sshd_config

Quote: Original post by modena
What I want is to disable the FTP account's ability to login through SSH and change their password or something similarly hideous.

Why did you give the ftp account a password, it should just have just been disabled...

More specifically, you can disable a users ability to login by changing the shell that they use to "/sbin/nologin". (IE. open the file "/etc/passwd", find your ftp user account, and change the last field to be "/sbin/nologin").

Quote: Original post by Ranok
More specifically, you can disable a users ability to login by changing the shell that they use to "/sbin/nologin". (IE. open the file "/etc/passwd", find your ftp user account, and change the last field to be "/sbin/nologin").

I'm not sure that's true. Doesn't SSH allow arbitary "shells"? How does rcp and scp work then...

and I'm SURE I've seen SSH sessions that had NO shell, only an X session.

Oh yeah, and you diable an account by having a password hash of (usually) just 'x', since that's imposible to get, nobody is ever able to authenticate as that user.