[OpenIndiana-discuss] How to disable local/remote login, still allowing access to smb share?
Jan Owoc
jsowoc at gmail.com
Mon Oct 29 15:24:19 UTC 2012
Hi Dmitry,
On Mon, Oct 29, 2012 at 9:17 AM, Dmitry Kozhinov <dima at desktopfay.com> wrote:
> I am still newbie to UNIX administration. Please advise. After setting up a
> storage server (a number of smb shares, as described at
> http://wiki.openindiana.org/oi/Using+OpenIndiana+as+a+storage+server), I
> ended up having a number of users at my system, each one needed only to
> access an smb share from a Windows client machine. How do I prevent using
> these usernames/passwords to login locally or remotely to the server, and
> only use them to access smb shares?
I'm not a professional UNIX administrator, but the way I've seen it
done is to set the logon shell for those users to "/bin/false". An
alternative is "/usr/bin/passwd", so they can't get a logon shell, but
they can "log on" to change their password. There are some things for
which /bin/false doesn't work, but it might be enough for your needs
[1].
[1] http://www.semicomplete.com/articles/ssh-security/
Jan
More information about the OpenIndiana-discuss
mailing list