FTP server on 5.3
I was trying to setup an FTP server last night on my 5.3 box. I was using the handbook and was instructed to make a new user ftp. So that worked fine and I was able to upload to ftp's home dirrectory but wanted to know if I can safley delete the .* files in his home dirrectory. I was also curious, if I change the permissions on /home/ftp to 755 then people will be able to read but not write to the dirrectory (do they need x permission to download a file?). But how do I make it so everyone can read but only certain users can write. My goal would to not use local accounts but pull usernames and passwords from a MySQL database. I would rather not transfer the username and password in clear text. Any thoughts or how toos I can follow? Thank you, Joshua Lewis ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP server on 5.3
On Wed, 16 Mar 2005 12:56:12 -0800 (PST), Joshua Lewis [EMAIL PROTECTED] wrote: I was trying to setup an FTP server last night on my 5.3 box. I was using the handbook and was instructed to make a new user ftp. So that worked fine and I was able to upload to ftp's home dirrectory but wanted to know if I can safley delete the .* files in his home dirrectory. I was also curious, if I change the permissions on /home/ftp to 755 then people will be able to read but not write to the dirrectory (do they need x permission to download a file?). But how do I make it so everyone can read but only certain users can write. My goal would to not use local accounts but pull usernames and passwords from a MySQL database. I would rather not transfer the username and password in clear text. Any thoughts or how toos I can follow? My first thought was that if you are concerned about the integrity of your passwords during transport, you may want to look into something other then FTP. SFTP or SCP for example ( and I'm sure there are a list of other options...) http://www.openssh.org/ http://www.openbsd.org/cgi-bin/man.cgi?query=sftp http://www.openbsd.org/cgi-bin/man.cgi?query=scp -jw ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP server on 5.3
On Mar 16, 2005, at 3:56 PM, Joshua Lewis wrote: I was trying to setup an FTP server last night on my 5.3 box. I was using the handbook and was instructed to make a new user ftp. So that worked fine and I was able to upload to ftp's home dirrectory but wanted to know if I can safley delete the .* files in his home dirrectory. Yes. I was also curious, if I change the permissions on /home/ftp to 755 then people will be able to read but not write to the dirrectory (do they need x permission to download a file?). But how do I make it so everyone can read but only certain users can write. My goal would to not use local accounts but pull usernames and passwords from a MySQL database. I would rather not transfer the username and password in clear text. If you want to permit certain users to write, the normal way of doing so is to create standard Unix user accounts for them, and use a shell of /usr/sbin/nologin. However, if you care about account security, do not use FTP. SSH and scp are the way to go -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP server on 5.3
try to look into pure-ftpd. You might find your solutions with it On Wed, 16 Mar 2005 16:30:19 -0500 Charles Swiger [EMAIL PROTECTED] wrote: On Mar 16, 2005, at 3:56 PM, Joshua Lewis wrote: I was trying to setup an FTP server last night on my 5.3 box. I was using the handbook and was instructed to make a new user ftp. So that worked fine and I was able to upload to ftp's home dirrectory but wanted to know if I can safley delete the .* files in his home dirrectory. Yes. I was also curious, if I change the permissions on /home/ftp to 755 then people will be able to read but not write to the dirrectory (do they need x permission to download a file?). But how do I make it so everyone can read but only certain users can write. My goal would to not use local accounts but pull usernames and passwords from a MySQL database. I would rather not transfer the username and password in clear text. If you want to permit certain users to write, the normal way of doing so is to create standard Unix user accounts for them, and use a shell of /usr/sbin/nologin. However, if you care about account security, do not use FTP. SSH and scp are the way to go -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP server on 5.3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2005-03-17, Aperez scribbled these curious markings: try to look into pure-ftpd. You might find your solutions with it As much as I've been tempted to recommend pure-ftpd in the course of reading this thread, I've restrained from doing so for one reason: despite the fact that it does support TLS-encrypted connections, very few *clients* support that. You can have the most encrypted FTP server on the planet, but it won't do you one mite of good if your clients can't talk to the server. Best Regards, Christopher Nehren -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCONnQk/lo7zvzJioRAqtxAJ41nd73jgVw5ZSFgwn2aYheLrxqAwCdHzji UWtX3Py5xDH0mBdrI6Y3lZw= =iuys -END PGP SIGNATURE- -- I abhor a system designed for the user, if that word is a coded pejorative meaning stupid and unsophisticated. -- Ken Thompson If you ask the wrong questions, you get answers like 42 and God. Unix is user friendly. However, it isn't idiot friendly. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
