Submitted by tealnet on Thu, 12/20/2012 - 16:00
We want to restrict users to only be able to use SFTP and not SSH. When we set a user to use the /usr/bin/scponly shell, they are not able to SFTP in. We see the following error in the secure log:
User username not allowed because shell /usr/bin/scponly is not executable
Is there a way to correct this so users can connect via SFTP but not obtain a shell via SSH?
Status:
Active
Comments
Submitted by JamieCameron on Thu, 12/20/2012 - 16:13 Comment #1
I don't think so, as the scponly shell would prevent users from listing directories, which is needed for sftp to work.