Re: adding ftp user
Does anyone know on the topic of ftp security, how we can limit the ftp user that log's in to stay in the home dir you assign them, and not be able to move up the directory tree ? - Original Message - From: Nate Amsden [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Sent: Tuesday, October 24, 2000 1:09 PM Subject: Re: adding ftp user William Jensen wrote: I've just installed ftpd from the stable potato packages. Anonymous ftp cannot log in because ftp user does not exist. I've setup a chroot jail in /home/ftp. What's the best way to add user ftp in a security conscious way. I tried useradd ftp, then in /etc/passwd I changed it's shell to /bin/false. Anything else I should be aware of? I'd use scp but work's firewall has the port blocked and I'm not particularly excited about sending my username and password for my normal account login so I decided to go the anonymous way. Bill you can change the port for ssh/scp see the manpage .. as for ftp ..thats probably fine ..id be more concerned about the ftpd your using if your using 'ftpd' thats good i wouldn't use proftpd or wu-ftpd though(if your security councious(sp)) nate -- ::: ICQ: 75132336 http://www.aphroland.org/ http://www.linuxpowered.net/ [EMAIL PROTECTED] -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] /dev/null
Re: adding ftp user
On Tue, Oct 24, 2000 at 02:27:46PM +1000, Mario Zuppini wrote: Does anyone know on the topic of ftp security, how we can limit the ftp user that log's in to stay in the home dir you assign them, and not be able to move up the directory tree ? echo lusername /etc/ftpchroot that is all thats required for OpenBSD ftpd 0.3.2 which has a built in ls. -- Ethan Benson http://www.alaska.net/~erbenson/ pgpBKLsBJbIiP.pgp Description: PGP signature
adding ftp user
I've just installed ftpd from the stable potato packages. Anonymous ftp cannot log in because ftp user does not exist. I've setup a chroot jail in /home/ftp. What's the best way to add user ftp in a security conscious way. I tried useradd ftp, then in /etc/passwd I changed it's shell to /bin/false. Anything else I should be aware of? I'd use scp but work's firewall has the port blocked and I'm not particularly excited about sending my username and password for my normal account login so I decided to go the anonymous way. Bill
Re: adding ftp user
William Jensen wrote: I've just installed ftpd from the stable potato packages. Anonymous ftp cannot log in because ftp user does not exist. I've setup a chroot jail in /home/ftp. What's the best way to add user ftp in a security conscious way. I tried useradd ftp, then in /etc/passwd I changed it's shell to /bin/false. Anything else I should be aware of? I'd use scp but work's firewall has the port blocked and I'm not particularly excited about sending my username and password for my normal account login so I decided to go the anonymous way. Bill you can change the port for ssh/scp see the manpage .. as for ftp ..thats probably fine ..id be more concerned about the ftpd your using if your using 'ftpd' thats good i wouldn't use proftpd or wu-ftpd though(if your security councious(sp)) nate -- ::: ICQ: 75132336 http://www.aphroland.org/ http://www.linuxpowered.net/ [EMAIL PROTECTED]
