linuxtricks
IS-IT--Management
I am trying to set up my secure FTP server so that:
[red]1.)[/red] all who access it can only see their "home" directories and nothing more.
[red]2.)[/red] The FTP server will only allow NON-Anonymous FTP connections.
[red]3.)[/red] The user gets full priviledges for their individual home directories.
The following is the "/etc/ftpaccess" file I currently have on my system:
-----------------------------
class all real *
email root@localhost
loginfails 3
readme README* login
readme README* cwd=*
message /welcome.msg login
message .message cwd=*
compress yes guest,real,anonymous
tar yes guest,real,anonymous
chmod no guest,anonymous
delete no guest,anonymous
overwrite yes real
rename yes real
log transfers real,anonymous inbound,outbound
shutdown /etc/shutmsg
passwd-check rfc822 warn
chmod yes real
delete yes real
overwrite yes real
rename yes real
overwrite no guest,anonymous
rename no guest,anonymous
-----------------------------
This configuration does not allow what I need to be done.
My friend recommended the following to me, as all of what I need done for me... worked for him with the following file:
-----------------------------
class all real,guest,anonymous *
email root@localhost
loginfails 5
readme README* login
readme README* cwd=*
message /welcome.msg login
message .message cwd=*
compress yes all
tar yes all
chmod yes guest
delete yes guest
overwrite yes guest
rename yes guest
chmod no anonymous
delete no anonymous
overwrite no anonymous
rename no anonymous
log transfers anonymous,real inbound,outbound
shutdown /etc/shutmsg
passwd-check rfc822 warn
guestuser *
realgroup root
daemonaddress 127.0.0.1
-----------------------------
I replaced my configuration with what my friend gave me.
When I connected to the server, I could only see the [red]"/"[/red] (root) directory (the equivalent to the users home dir), which was good (this indicated to me that I was blinded to the rest of the system, like I wanted). But, I was also blinded to my own directory. When I created a folder in my home directory, I could not see the file I created.
(note: If I connected to the machine via console, I could see that the files were created.)
When I connected with the "original" ftpaccess file in place, I could see my directory and write to it... but I also saw the "tree" of directories before my "/home/user" directory - which is BAD.
=\ -confused face.
Can anyone help me out with the ftpaccess file? The man pages show very little about what I need to know.
Sorry for the huge posting. I didn't know how else to describe it.
Thanks, Rich [sig]<p> <br><a href=mailto: > </a><br><a href= > </a><br><i>try not!</i><br>
<i>do... or do not. there is no try!</i>[/sig]
[red]1.)[/red] all who access it can only see their "home" directories and nothing more.
[red]2.)[/red] The FTP server will only allow NON-Anonymous FTP connections.
[red]3.)[/red] The user gets full priviledges for their individual home directories.
The following is the "/etc/ftpaccess" file I currently have on my system:
-----------------------------
class all real *
email root@localhost
loginfails 3
readme README* login
readme README* cwd=*
message /welcome.msg login
message .message cwd=*
compress yes guest,real,anonymous
tar yes guest,real,anonymous
chmod no guest,anonymous
delete no guest,anonymous
overwrite yes real
rename yes real
log transfers real,anonymous inbound,outbound
shutdown /etc/shutmsg
passwd-check rfc822 warn
chmod yes real
delete yes real
overwrite yes real
rename yes real
overwrite no guest,anonymous
rename no guest,anonymous
-----------------------------
This configuration does not allow what I need to be done.
My friend recommended the following to me, as all of what I need done for me... worked for him with the following file:
-----------------------------
class all real,guest,anonymous *
email root@localhost
loginfails 5
readme README* login
readme README* cwd=*
message /welcome.msg login
message .message cwd=*
compress yes all
tar yes all
chmod yes guest
delete yes guest
overwrite yes guest
rename yes guest
chmod no anonymous
delete no anonymous
overwrite no anonymous
rename no anonymous
log transfers anonymous,real inbound,outbound
shutdown /etc/shutmsg
passwd-check rfc822 warn
guestuser *
realgroup root
daemonaddress 127.0.0.1
-----------------------------
I replaced my configuration with what my friend gave me.
When I connected to the server, I could only see the [red]"/"[/red] (root) directory (the equivalent to the users home dir), which was good (this indicated to me that I was blinded to the rest of the system, like I wanted). But, I was also blinded to my own directory. When I created a folder in my home directory, I could not see the file I created.
(note: If I connected to the machine via console, I could see that the files were created.)
When I connected with the "original" ftpaccess file in place, I could see my directory and write to it... but I also saw the "tree" of directories before my "/home/user" directory - which is BAD.
=\ -confused face.
Can anyone help me out with the ftpaccess file? The man pages show very little about what I need to know.
Sorry for the huge posting. I didn't know how else to describe it.
Thanks, Rich [sig]<p> <br><a href=mailto: > </a><br><a href= > </a><br><i>try not!</i><br>
<i>do... or do not. there is no try!</i>[/sig]