I've had great luck using proftpd for this. The server will use virtual accounts (and UIDs) from an SQL table, and can create the appropriate directories and permissions upon login. This has the advantage of being easily automated, and in a completely seperate name space from the actual system. It would be almost trivial to have a script remove entries after their expiration, however some other process might be needed to remove the actual files. There only problem I have identified (for my application) was that it could not authenticate the incoming user by source IP in addition to username/password.
----- Original Message ----- From: "Lists" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, May 23, 2002 3:05 PM Subject: Automatic FTP account creation > I'm looking for a "secure" way to automatically create FTP accounts on a > FTP server in the DMZ from an internal server. > > Here's the scenario: > > Client has multiple customers (hundreds) and would like to have the > ability for their customers to be able to upload/download files from > their FTP server. They envision an internal employee (primary client > contacts, non technical) going to an internal web server interface and > keying in a username and password. They would like this to kick off a > creation of a user on the FTP server with a home directory being created > for the user will full rights to the directory. Furthermore they would > like this account to be active for "X" days before expiring with the > optional ability to delete the entire directory automatically. > > Anyone ever run across something like this? > > Platform is not important, can be a UNIX or NT based FTP server. This > request has obvious security issues but if you knew the client you'd > agree this is the least of their worries. > > Thanks in advance. >
