Set the user's shell to something that's not a shell. Some systems have a /sbin/nologin, or you can use /bin/false or something equally harmless. It's proabably gotta exist in your system's list of valid shells (/etc/shells).
hope that helps. - Jared Lovell On Thu, 31 Jan 2002, Geeking Out wrote: > Greetings, > > I have someone with which I wish to automate file > transfers. I wish to do this securely. > I thought that running ssh on the box with key > exchanges would do this just fine since i can then use > sftp. However, if I install ssh on the box, and I give > the client access, they can also log into the box and > get a shell. > Is there a way in which I can limit them to sftp only? > > Thank you in advance! > > __________________________________________________ > Do You Yahoo!? > Great stuff seeking new owners in Yahoo! Auctions! > http://auctions.yahoo.com >