Re: creating ftp users!
On 7/18/07, Gollapati, Kishore (GE Indust, ES Europe, consultant) [EMAIL PROTECTED] wrote: Hi I am using windows 2003 server. I want to limiting ftp users to their respective home dir. i have seen your reply You can do this simply by creating a file /etc/ftpchroot and putting all the usernames in there. Can you please tell more on this Regards Kishore ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Wait a second...you want to know how to add FTP users to a Windows 2003 Server? ...This is a FreeBSD mailing list. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: creating ftp users!
I am using windows 2003 server. I want to limiting ftp users to their respective home dir. i have seen your reply You can do this simply by creating a file /etc/ftpchroot and putting all the usernames in there. Chroot is a Unix thing, no way you can apply to Windaube. That said, chroot is a way to run an application, like ftp, so that it changes the root of the disk hierarchyL once you have chroot'ed to some point in the directory tree, you cannot see what is above this point, there is no way to come back, no cd .., tit is like the new directory tree starts at the chroot'ed point. So if you chroot at the user home dir, the user can only see his one directory. Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: creating ftp users!
- Original Message From: Gollapati, Kishore (GE Indust, ES Europe, consultant) [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Sent: Wednesday, July 18, 2007 7:22:43 AM Subject: creating ftp users! Hi I am using windows 2003 server. I want to limiting ftp users to their respective home dir. i have seen your reply You can do this simply by creating a file /etc/ftpchroot and putting all the usernames in there. Can you please tell more on this Regards Kishore _ Step 1. Replace the operating system on the server (Windows Server 2003) with FreeBSD 6.2. During the installation, select the option to activate inetd and uncomment the ftp line in /etc/inetd.conf. Step 2. Login as root and create your users using the command 'adduser'. Step 3. Using a text editor, such as vi, create the file /etc/ftpchroot and add each user name on its own line. Best of luck, Andrew L. Gould ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: creating ftp users!
Hello, During the installation, select the option to activate inetd and uncomment the ftp line in /etc/inetd.conf. Step 2. Login as root and create your users using the command 'adduser'. Step 3. Using a text editor, such as vi, create the file /etc/ftpchroot and add each user name on I hope I am not hijacking this thread but using this opportunity I would like to ask if a similar thing could be applied to scp connections? BTW - contrary to the original poster I am using FreeBSD ;) Thanks! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: creating ftp users!
On Wed, Jul 18, 2007 at 05:30:23PM +0200, Zbigniew Szalbot wrote: Hello, During the installation, select the option to activate inetd and uncomment the ftp line in /etc/inetd.conf. Step 2. Login as root and create your users using the command 'adduser'. Step 3. Using a text editor, such as vi, create the file /etc/ftpchroot and add each user name on I hope I am not hijacking this thread but using this opportunity I would like to ask if a similar thing could be applied to scp connections? BTW - contrary to the original poster I am using FreeBSD ;) Thanks! -- Zbigniew Szalbot Install shells/scponly with WITH_SCP_CHROOT defined, and follow instructions given to you by pkg-message. HTH, Yuri pgpWkrSKVm0Yy.pgp Description: PGP signature
Re: creating ftp users!
On Wed, 18 Jul 2007 19:32:36 +0400 Yuri Pankov [EMAIL PROTECTED] wrote: I hope I am not hijacking this thread but using this opportunity I would like to ask if a similar thing could be applied to scp connections? BTW - contrary to the original poster I am using FreeBSD ;) Install shells/scponly with WITH_SCP_CHROOT defined, and follow instructions given to you by pkg-message. indeed, this works very well and the creation of users + chroots is (or can be) mostly scripted. _ {Beto|Norberto|Numard} Meijome Quantum Logic Chicken: The chicken is distributed probabalistically on all sides of the road until you observe it on the side of your course. I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: creating ftp users!
Rob, If you want a nice message, I suggest creating a class in /etc/logins.conf which point to a /etc/issues.sftponly file where the user gets a nice message, which you deem appropriate. Secondly, as far as chroot, I don't believe OpenSSH supports chroot natively, however I know there is a patch floating around (I believe in the contrib/ directory of the openssh portable tarball) which will patch openssh to support chroot'd environments. You will need to recompile the openssh portable distribution, however. Rob Lahaye wrote: Raymond Sundland wrote: Rob, You can try setting the user's shell to /usr/libexec/sftp-server (or wherever the sftp-server binary exists under FreeBSD). This will give the user ability to SFTP into the box, but without a normal shell. /usr/lib/exec/sftp-server should be added to /etc/shells, too. Almost works ;). Doing what you suggest, I can sftp to the account, but when I do ssh to that account, I get the regular login message but no prompt. Something seems to hang. When I type something and hit return, I get: bad message Connection to foo.bar.com closed. $ It somehow blocks ssh login indeed, but it's not very nice! BTW will sftp also work with the /etc/chroot file? Thanks, Rob. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: creating ftp users!
How to create users for Ftp server(inetd)? You just use the 'adduser' command normally, to add a normal user. If they are just going to be doing ftp, you can use the /sbin/nologin for their shell, so they can't login. -- Jonathan Arnold (mailto:[EMAIL PROTECTED]) Daemon Dancing in the Dark, a FreeBSD blog: http://freebsd.amazingdev.com/blog ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: creating ftp users!
Hi, I would also suggest limiting ftp users to their respective home dir. You can do this simply by creating a file /etc/ftpchroot and putting all the usernames in there. Doron Shmaryahu -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jonathan Arnold Sent: 23 June 2003 01:38 PM To: [EMAIL PROTECTED] Subject: Re: creating ftp users! How to create users for Ftp server(inetd)? You just use the 'adduser' command normally, to add a normal user. If they are just going to be doing ftp, you can use the /sbin/nologin for their shell, so they can't login. -- Jonathan Arnold (mailto:[EMAIL PROTECTED]) Daemon Dancing in the Dark, a FreeBSD blog: http://freebsd.amazingdev.com/blog ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: creating ftp users!
I have not inetd running, but instead only allow secure connections with ssh and sftp. However, the hints given here seem to only apply to ftpd server and not the sftp connection. /sbin/nologin disables both, ssh and sftp. Is there a way to disable ssh, but allow sftp access only? Can I do the /etc/ftpchroot for sftp as well? Thanks, Rob. Jonathan Arnold wrote: How to create users for Ftp server(inetd)? You just use the 'adduser' command normally, to add a normal user. If they are just going to be doing ftp, you can use the /sbin/nologin for their shell, so they can't login. Doron Shmaryahu wrote: I would also suggest limiting ftp users to their respective home dir. You can do this simply by creating a file /etc/ftpchroot and putting all the usernames in there. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: creating ftp users!
Raymond Sundland wrote: Rob, You can try setting the user's shell to /usr/libexec/sftp-server (or wherever the sftp-server binary exists under FreeBSD). This will give the user ability to SFTP into the box, but without a normal shell. /usr/lib/exec/sftp-server should be added to /etc/shells, too. Almost works ;). Doing what you suggest, I can sftp to the account, but when I do ssh to that account, I get the regular login message but no prompt. Something seems to hang. When I type something and hit return, I get: bad message Connection to foo.bar.com closed. $ It somehow blocks ssh login indeed, but it's not very nice! BTW will sftp also work with the /etc/chroot file? Thanks, Rob. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: creating ftp users!
Rob, If you want a nice message, I suggest creating a class in /etc/logins.conf which point to a /etc/issues.sftponly file where the user gets a nice message, which you deem appropriate. Secondly, as far as chroot, I don't believe OpenSSH supports chroot natively, however I know there is a patch floating around (I believe in the contrib/ directory of the openssh portable tarball) which will patch openssh to support chroot'd environments. You will need to recompile the openssh portable distribution, however. Rob Lahaye wrote: Raymond Sundland wrote: Rob, You can try setting the user's shell to /usr/libexec/sftp-server (or wherever the sftp-server binary exists under FreeBSD). This will give the user ability to SFTP into the box, but without a normal shell. /usr/lib/exec/sftp-server should be added to /etc/shells, too. Almost works ;). Doing what you suggest, I can sftp to the account, but when I do ssh to that account, I get the regular login message but no prompt. Something seems to hang. When I type something and hit return, I get: bad message Connection to foo.bar.com closed. $ It somehow blocks ssh login indeed, but it's not very nice! BTW will sftp also work with the /etc/chroot file? Thanks, Rob. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]