I have already tried setting a shell to "/bin/false". This may prevent
remote logins or local text logins (I have not tested though), but local
graphic login went without problems.
On 29.10.2012 21:24, Jan Owoc wrote:
Hi Dmitry,
On Mon, Oct 29, 2012 at 9:17 AM, Dmitry Kozhinov <d...@desktopfay.com> wrote:
I am still newbie to UNIX administration. Please advise. After setting up a
storage server (a number of smb shares, as described at
http://wiki.openindiana.org/oi/Using+OpenIndiana+as+a+storage+server), I
ended up having a number of users at my system, each one needed only to
access an smb share from a Windows client machine. How do I prevent using
these usernames/passwords to login locally or remotely to the server, and
only use them to access smb shares?
I'm not a professional UNIX administrator, but the way I've seen it
done is to set the logon shell for those users to "/bin/false". An
alternative is "/usr/bin/passwd", so they can't get a logon shell, but
they can "log on" to change their password. There are some things for
which /bin/false doesn't work, but it might be enough for your needs
[1].
[1] http://www.semicomplete.com/articles/ssh-security/
Jan
_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
