We use Virtualmin version 3.68 Pro / proftpd / linux users.
the question is simply:
can we create users without FTP acc?
Now, if we select Email only access for a user, then they can login to their home via FTP as well.
We use /etc/ftpusers file, but webmin do not add the email only users there.
I know it’s not a realy big issue i’m just intrest about it.
A little bit other issue:
Can we disable the default server administrator user FTP acc?
I read a topic about it in the forum, but no solution there.
It’s totaly useless i think, and it’s colud be a little security problem.
I’d recommend just disabling FTP altogether, if you’re going to turn it off for virtual server owners.
But, FTP access is determined by the users shell, by default. If it’s in the list of shells in /etc/shells, it’s an FTP-capable account. If it isn’t, it’s not.
It would be trivial to write a script for Virtualmin to run to update your ftpusers file, if it doesn’t know how to deal with it already (I seem to recall support was added a couple of years ago, but it’s been a long time, and I don’t use FTP, so I’m not sure).
Well, to clarify, all users on any system have a “shell” set for them. A shell can be something like /bin/false, which doesn’t allow them to log in on the command line like bash allows.
To paraphrase what I think you’re saying – your customers use /bin/false as their shell, and you want to disable their access to FTP.
Are there any users with /bin/false as their shell who should have FTP access?
If not – if all /bin/false users should be preventing from using FTP, you could simply remove "/bin/false" from /etc/shells.
Another option would be to set new Virtual Server owners to use /dev/null as their shell (that can be done in System Customization -> Custom Shells).
-Eric