How to prohibit vsftpd users from logging in through ssh

Preface

vsftp is an easy-to-use and secure ftp server software. You can log in using a system user or a virtual user. If you log in using a system user, by default, the user can log in to the system. This means that you can log in to the ftp server and you can also log in to the system. This is sometimes unsafe because you can see many files when you log in to the system.

Create a system account and only allow this account to log in to ftp

First: Add /bin/false to the file /etc/bash

cat /etc/shells
/bin/sh
/bin/bash
/usr/bin/sh
/usr/bin/bash
/bin/false

Second: Specify user (zhangsan) to use /bin/false

usermod -s /bin/false zhangsan

After two steps of setup, users can only use the FTP server and are prohibited from logging into the system.

Remark

• /bin/false and /sbin/nologin are different. The common part is that users cannot log into the system. The method may be different. I tried /bin/fase in the centos7 environment, but there was no prompt when logging in and it exited directly.
• When configuring ftp before, just using /sbin/nologin seemed to be able to achieve the desired effect, but now you need to use /bin/false to solve it.

Possible causes

If it was possible to use /sbin/nologin before and system users could only log in to ftp, then this is not possible in my current environment, which means that this is related to the system settings and vsftp configuration.

Summarize

The above is the full content of this article. I hope that the content of this article will have certain reference learning value for your study or work. If you have any questions, you can leave a message to communicate. Thank you for your support for 123WORDPRESS.COM.