sftp client

Devon Bleak devon at admin2.gisnetworks.com
Sat Feb 10 04:02:06 EST 2001


i personally would like to see the requirement of a valid shell (defined by
a shell that you can execute commands with, not an entry in /etc/shells)
dropped.  i work for a hosting company, and being able to give a user sftp
access while not giving them shell access would be invaluable.  (if i can
keep 'em from leaving their home directory, well, even better!)

IMO, shell access and (s)ftp access should be two entirely seperate issues.

devon


----- Original Message -----
From: "Markus Friedl" <Markus.Friedl at informatik.uni-erlangen.de>
To: <mouring at etoh.eviladmin.org>
Cc: <openssh-unix-dev at mindrot.org>
Sent: Friday, February 09, 2001 8:44 AM
Subject: Re: sftp client


> On Fri, Feb 09, 2001 at 11:33:09AM -0600, mouring at etoh.eviladmin.org
wrote:
> > Using shells as access control has always been an ugly hack to me, and
as
> > a result I was glad to see User/Group Access List appear.
> >
> > If 'umask' is the only other argument for shell around then I'd be happy
> > to submit a patch to make .ssh/environment smart enough to detect
'umask'
> > variable and set the umask so we can drop the shell.  Otherwise, there
has
> > to be a better reason for it.
>
> this is an ugly hack.  i don't like .ssh/environment at all.
>
> i don't see the reason for dropping the shell.
>
>






More information about the openssh-unix-dev mailing list