/bin/false again !

[kamtono]

thanks for reply my post but now i have some questions

i read on G. Mourani books to disable account is add (* - asterisk mark) on front of the encrypted password is that right and whats the diffrent using with ( ! ) (at /etc/shadow file)

but when i disable those users, FTP account is also disable .... mmmh am i have to configure again on VSFTP server

and last how to make users can't change directory at above of his directory

thanks before

[sarumont]

i read on G. Mourani books to disable account is add (* - asterisk mark) on front of the encrypted password is that right and whats the diffrent using with ( ! ) (at /etc/shadow file)

There really is no difference except that /etc/shadow is *not* world readable. If you edit /etc/shadow to disable an account, other users can't tell if that account is disabled or not by reading /etc/passwd. The cleanest way to lock an account, however, is to use 'passwd -l username'. You can then unlock it with 'passwd -u username'.

but when i disable those users, FTP account is also disable .... mmmh am i have to configure again on VSFTP server

If you disable the account on the system, then it cannot log into anything that uses system logins (i.e.-most FTP daemons).

and last how to make users can't change directory at above of his directory

In VSFTP? This is called 'chrooting'. It's built into VSFTP. Check the docs on their site for a guide to setting it up.

thanks before[/quote]