FTP only shell


This shell only allows ftp access, an alert message is sent if an interactive login is attempted. This needs adding to /etc/shells to be a valid shell.

#Written by Andrew Stringer ages ago.
#Use this script as a login shell for users where you don't want shell access,
#ie. ftp only users on a webserver.
#You will probably have to add this to the /etc/shells file to have the system use it.

export TERM

#Set this to point to where policy queries should be sent.
#Set this to the alert recipient.

#This may have to be modified to suit how your system defines itself.
NOW=`date +%c`

echo "${LOGNAME}@${REMOTEHOST}${SSH_CLIENT} has attempted access to a shell on gy-asp-cms01 at ${NOW}." > ${MSG}

echo "$TODAY ${LOGNAME}@${REMOTEHOST} ${SSH_CLIENT}" >>/var/log/shellaccess.log
echo "*************************************************************************"
echo " "
echo "   It is $NOW"
echo " "
echo "   Sorry, ${LOGNAME}@${REMOTEHOST}${SSH_CLIENT}, you are not allowed"
echo "   interactive access to reports-ftp.rgsgames.com."
echo " "
echo "   This access attempt has been logged by username, date and hostname."
echo " "
echo "   FTP User accounts are restricted to ftp access."
echo " "
echo "   Direct questions concerning this policy to ${ADMIN}."
echo " "
echo "*************************************************************************"

#send alert mail
/bin/mail ${MAILTO} -s "Login attempt to ftp only account" < ${MSG}

rm ${MSG}

sleep 10

exit 0

Example /etc/passwd entry

rb/ftponlyshell.txt · Last modified: 06/08/2019 14:17 by andrew