KpyM Telnet/SSH Server - Forum
119a: allowed and forbidden_login_list not working |
fireball |
119a: allowed and forbidden_login_list not working |
Jun 27 2010 23:50 |
|
Hi
it seems like the allowed and forbidden_login_list is disabled in the current version. After a quick look at the source I saw it is commented out :(
Are there problems with the feature or why is it removed?
|
Kroum Grigorov |
|
Jun 28 2010 14:22 |
|
These configurations are now replaced with the files in KTS\subsystems folder
You can enable\disable access to KTS or to particular KTS subsystems by allowing\denying NTFS READ access to the files in this folder
For example to configure Guest account to NOT have access to "sftp" and "portforward" you have to deny READ access to the Guest account on the files filetransfer.allowed and port-forward.allowed and leve READ access on terminal.allowed.
If you want to disable a subsystem as a whole you can just rename the corresponding file, for ex from port-forward.allowed to say port-forward.disabled
Kroum
|
fireball |
|
Jun 28 2010 16:10 |
|
ah I see, thx for the explanation. I got it working the way I need it, but I would still prefer a simple config file instead of messing around with access rights to files. With config files its easier to backup the settings.
Anyways the SSH server is looking good so far. Tried freesshd before and it didn't run correctly as a service and every user got the same access rights to the file system :(
Keep up the good work
|
Simon |
|
Oct 15 2010 14:35 |
|
What about if I want to prevent Administrator from logging on to SFTP? I can't seem to block this from happening.
|
Kroum Grigorov |
|
Oct 16 2010 08:19 |
|
You can use the command bellow to deny "administrator" access to the file-transfer.allowed file
[code:1:baeb295fb2]
C:\Program Files\KTS\subsystems>cacls file-transfer.allowed /E /D Administrator
[/code:1:baeb295fb2]
Kroum
|
Simon |
|
Oct 18 2010 08:18 |
|
Excellent. That works just fine. Thankyou for your help.
|
ponaboy |
|
Dec 21 2010 20:13 |
|
this is much more cumbersome than just using a delimited list in the .ini file. It is this sort of behaviour that will prevent us from using this product.
|
© 2007 - 2008 Kroum Grigorov