On Thu, 18 Feb 1999, Shiloh Costa wrote:
<snip>
> >The easiest way would be to use the etc-skel system along with adduser to
> >place a blank root-owned file called .ssh in their dir.
>
> Apparently a user can rename a root-owned file or subdir, if the user is
> the owner of the directory where the file or subdir resides.
>
> Therefore, using FTP, they could simply rename .ssh to .ssh-who-cares, and
> still proceed with creating their own .ssh directory.
>
> >I have no clue though why you would want to disable RSA authentication.
>
> If a sniffer finds someone's FTP username/password, not only could they
> break into the user's directory via FTP, they now have created themselves an
> ssh'able shell account too.
>
> SSH'able shells can do more damage than an ftp login.

I use 1.2.26, and it has the AllowUsers directive. Dunno if it actually
works or not...
.Shawn
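
The rename behaviour described in the quoted text, as an added example that is not part of the original thread: renaming a directory entry is governed by the permissions on the containing directory, not by the entry's owner or mode. The function names and the uid values are assumptions made for illustration, and a mode-000 file stands in for the root-owned `.ssh` so the demo runs without root.

```python
import os
import stat
import tempfile


def owner_can_rename(dir_uid, dir_mode, entry_uid, uid):
    """POSIX rule: renaming an entry needs write+search permission on the
    containing directory; the entry's own owner and mode are not consulted.
    With the sticky bit set, the caller must also own the entry or the
    directory. Group membership is ignored in this sketch."""
    if uid == 0:
        return True
    if uid == dir_uid:
        bits = stat.S_IWUSR | stat.S_IXUSR
    else:
        bits = stat.S_IWOTH | stat.S_IXOTH
    if dir_mode & bits != bits:
        return False
    if dir_mode & stat.S_ISVTX:
        return uid in (entry_uid, dir_uid)
    return True


def demo_rename_guard_file():
    """Build a home-like directory holding an inaccessible '.ssh' guard file,
    rename the guard as the directory owner, then create a real '.ssh'.
    Returns the resulting directory listing."""
    with tempfile.TemporaryDirectory() as home:
        guard = os.path.join(home, ".ssh")
        open(guard, "w").close()
        os.chmod(guard, 0)  # stand-in for "root-owned": no access to the file
        os.rename(guard, os.path.join(home, ".ssh-who-cares"))
        os.mkdir(guard, 0o700)  # the name is free again
        return sorted(os.listdir(home))


if __name__ == "__main__":
    # uid 1000 owns the home directory; the guard file belongs to uid 0.
    print("plain home dir :", owner_can_rename(1000, 0o755, 0, 1000))
    print("sticky home dir:", owner_can_rename(1000, 0o1755, 0, 1000))
    print("root-owned dir :", owner_can_rename(0, 0o755, 0, 1000))
    print("after rename   :", demo_rename_guard_file())
```

The sticky bit does not help on a home directory because its owner is exempt from the restriction; only a directory the user cannot write to keeps the guard file in place.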