Loading ...
Sorry, an error occurred while loading the content.

Re: [linux] FTP

Expand Messages
  • Brian L. Johnson
    ... Well, first of all, you should stop using WU-FTPD, as it is infamous for legion security holes. If you insist on using it, you can run it under the chroot
    Message 1 of 11 , Sep 2, 2000
    • 0 Attachment
      On Sep 2, Programmer@... wrote to linux@egroups.com:

      >My servers uses wu ftpd 2.6. How do you make it so when users login
      >via ftp they cannot leave their home directory?

      Well, first of all, you should stop using WU-FTPD, as it is infamous for
      legion security holes.

      If you insist on using it, you can run it under the chroot command,
      which restricts the FTP server to certain points on the directory
      tree. Chroot is a little too complex to explain here, so I recommend
      reading the man page on it.

      Better yet, use Pro-ftpd. Highly secure, and runs users in a chroot jail
      in their home directories by default. Somewhat more complex to configure
      than Wu-ftpd, but waaay more flexible.

      http://www.proftpd.net

      -=Brian L. Johnson, blj8.com=-
      http://www.blj8.com
      Total Bookmarks in file= 7238
      ---------------------------------
    • John O'Donnell
      ... in /etc/ftpaccess, add under classes guestgroup ftpgrp ftpgrp is the group name you d like your lock down ftp users to be in. (it can be called anything
      Message 2 of 11 , Sep 2, 2000
      • 0 Attachment
        Programmer@... wrote:
        >
        > Hi,
        >
        > My servers uses wu ftpd 2.6. How do you make it so when users login
        > via ftp they cannot leave their home directory?
        >
        > Thanks
        >
        > Randy

        in /etc/ftpaccess, add under classes
        guestgroup ftpgrp
        ftpgrp is the group name you'd like your "lock down" ftp users to be in.
        (it can be called anything you want and you can have more than one group)

        Make sure your /etc/inetd.conf will call ftpd with the "-a" option to
        use the /etc/ftpusers file.

        Create group ftpgrp if you haven't done so already.
        For each of your "lock down" accounts in /etc/passwd add a "/./" to
        the end of the home dir path.

        Now they are locked into that one directory and below only.

        You might want to create a "bin" and a "lib" directory in the new home
        directory and populate them with at least "ls" and the libraries necessary
        to run ls. (run "ldd ls" to find that out)
        The user will be locked into his home directory and have NO access
        to ANYTHING above his directory. And that includes ls to do directories.

        Here is the man page snippet from ftpaccess:

        guestgroup groupname [groupname ... ]
        If a real user is a member of any of groupname, the session is set
        up exactly as with anonymous FTP. In other words, a chroot(S) is
        done, and the user is no longer permitted to issue the USER and
        PASS commands. groupname is a valid group from /etc/group .

        The user's home directory must be properly set up, exactly as
        anonymous FTP would be. The home directory field of the password
        entry is divided into two directories. The first field is the root
        directory which will be the argument to the chroot(S) call. The
        second half is the user's home directory relative to the root
        directory. The two halves are separated by ``/./'' (for example,
        ``/ftp/./incoming''). This will cause the FTP server to chroot to
        /ftp and then chdir(S) to /incoming.

        Good Luck and enjoy :-)
        Johnny O

        --
        === Never ask a geek why, just nod your head and slowly back away.===
        +==============================+====================================+
        | John O'Donnell (Sr. Systems Engineer, Net Admin, Webmaster, etc.) |
        | Voice FX Corporation (a subsidiary of Student Advantage) |
        | One Plymouth Meeting | E-Mail: johnod@... |
        | Suite 610 | www.voicefx.com |
        | Plymouth Meeting, PA 19462 | www.campusdirect.com |
        +==============================+====================================+
      • Lewis Bergman
        I have to second BLJ s opinion and say that your better off with proftpd. I would have to disagree with the config part though. I think pro is much much easier
        Message 3 of 11 , Sep 5, 2000
        • 0 Attachment
          I have to second BLJ's opinion and say that your better off with proftpd. I
          would have to disagree with the config part though. I think pro is much much
          easier to configure. Especially to do what you want. Double that if you have
          ever configured apache. It uses that same familiar type of directive structure.
          Been very happy since I switched. I never read a manual and was able to get it
          up, running, jail users, allow overights, all within about 15 minutes just by
          looking at the config file. Very nifty.

          --
          Lewis Bergman
          Texas Communications
          4309 Maple St.
          Abilene, TX 79602
          915-695-6962
        • Ed McMan
          ... Hash: SHA1 Is there any way to get ftp ip masq support in 2.4 while using ipchains? - ------------------------------------------------------------- ... -
          Message 4 of 11 , Sep 2, 2001
          • 0 Attachment
            -----BEGIN PGP SIGNED MESSAGE-----
            Hash: SHA1

            Is there any way to get ftp ip masq support in 2.4 while using
            ipchains?

            - -------------------------------------------------------------
            | Eddie J Schwartz <EdMcMan@...> http://www.m00.net |
            | AIM: The Cypher ICQ: 35576339 PGP ID: 0x96CDDED4 |
            | "We Trills have an expression--at forty, you think you |
            | know everything. At four hundred, you realize you know |
            | nothing." - Dax, Star Trek Deep Space 9 |
            - -------------------------------------------------------------

            -----BEGIN PGP SIGNATURE-----
            Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
            Comment: m00

            iQA/AwUBO5JBQi6XaAWWzd7UEQK8qQCeIJJ5x7f36LriFbPwHJN/rRN9bOoAnAld
            V4d5MVV9/qz3UkESYaVGGHqu
            =ZSj8
            -----END PGP SIGNATURE-----
          • Angela Sampedro
            hello guys i just downloaded a FTP program and i installed in my PC windows i connect to the internet for a linux server well, when i want to connect to a
            Message 5 of 11 , Oct 24, 2001
            • 0 Attachment
              hello guys

              i just downloaded a FTP program and i installed in my PC windows
              i connect to the internet for a linux server

              well, when i want to connect to a site, the FTP program just tell
              i am not connected to the internet

              so, who can help me with this??


              thanks in advance
              Angela


              [Non-text portions of this message have been removed]
            • wolf_bear
              Anyone know of any good FTP clients for linux? I m using gFTP and it works ok, but I d like to test out a few others. I m using RH9 on a 56k modem. Also
              Message 6 of 11 , Sep 12, 2004
              • 0 Attachment
                Anyone know of any good FTP clients for linux? I'm using gFTP and it
                works ok, but I'd like to test out a few others. I'm using RH9 on a 56k
                modem. Also running via KDE.




                [Non-text portions of this message have been removed]
              • Scott Robbins
                ... Hash: SHA1 ... I like ncftp. It s a command line client, but pretty handy. It has tab completion and the like. It might even be installed already, try
                Message 7 of 11 , Sep 12, 2004
                • 0 Attachment
                  -----BEGIN PGP SIGNED MESSAGE-----
                  Hash: SHA1

                  On Sun, Sep 12, 2004 at 05:53:21PM -0700, wolf_bear wrote:
                  > Anyone know of any good FTP clients for linux? I'm using gFTP and it
                  > works ok, but I'd like to test out a few others. I'm using RH9 on a 56k
                  > modem. Also running via KDE.


                  I like ncftp. It's a command line client, but pretty handy. It has tab
                  completion and the like. It might even be installed already, try

                  which ncftp


                  - --

                  Scott

                  PGP keyID EB3467D6
                  ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 D575 EB34 67D6 )
                  gpg --keyserver pgp.mit.edu --recv-keys EB3467D6


                  Buffy: It was exactly you, Will. Every detail. Except for your not
                  being a dominatrix... as far as we know.
                  Willow: Oh, right, me and Oz play Mistress of Pain every night.
                  Xander: Did anyone else just go to a scary visual place?
                  Buffy: Oh, yeah.
                  Giles: (raises glasses)
                  -----BEGIN PGP SIGNATURE-----
                  Version: GnuPG v1.2.5 (FreeBSD)

                  iD8DBQFBRP/9+lTVdes0Z9YRAv+nAJ9Fh83BG2+qyRdu+wNl80dQvI3E1wCgmZSD
                  qfpD3r8YJYt6TkOm5CKOJOQ=
                  =TRwI
                  -----END PGP SIGNATURE-----
                • Michael Kjorling
                  ... Hash: SHA1 ... Midnight Commander also has FTP support, but it has a few quirks, such as not supporting/allowing @ in usernames. (At least I haven t
                  Message 8 of 11 , Sep 13, 2004
                  • 0 Attachment
                    -----BEGIN PGP SIGNED MESSAGE-----
                    Hash: SHA1

                    2004-09-12 22:03, scottro@... wrote in <20040913020341.GA37078@...>:
                    > I like ncftp. It's a command line client, but pretty handy. It has tab
                    > completion and the like. It might even be installed already, try

                    Midnight Commander also has FTP support, but it has a few quirks, such
                    as not supporting/allowing @ in usernames. (At least I haven't figured
                    out a way, and the help files don't seem to mention anything about
                    it.)

                    Of course, there's the good old `ftp', too. It's not fancy, but if you
                    just want one or a few files it certainly does the trick. And it
                    scripts easily.

                    - --
                    Michael Kjörling - michael@... - SM0YBY QTH JO89XI ^..^
                    OpenPGP: 3723 9372 c245 d6a8 18a6 36ac 758f 8749 BDE9 ADA6 \/
                    World Wide Web: http://michael.kjorling.com/ Facta non verba
                    ASCII Ribbon Campaign: Against HTML Mail, Proprietary Attachments
                    -----BEGIN PGP SIGNATURE-----
                    Version: GnuPG v1.2.3 (GNU/Linux)

                    iD8DBQFBRVQzdY+HSb3praYRAiw7AJ9u/Z/826F4Hs4ADuI2h8OJGqi17gCePsou
                    BhxmKv+qSGS98oJGeGW7g2I=
                    =vxr0
                    -----END PGP SIGNATURE-----
                  • wolf_bear
                    ... ok, midnight commander comes upfine and I can log in fine. (basically I m looking for a way to backup my website from my hosttomy localmachine and upload
                    Message 9 of 11 , Sep 17, 2004
                    • 0 Attachment
                      Michael Kjorling wrote:

                      > -----BEGIN PGP SIGNED MESSAGE-----
                      > Hash: SHA1
                      >
                      > 2004-09-12 22:03, scottro@... wrote in
                      > <20040913020341.GA37078@...>:
                      > > I like ncftp. It's a command line client, but pretty handy. It has tab
                      > > completion and the like. It might even be installed already, try
                      >
                      > Midnight Commander also has FTP support, but it has a few quirks, such
                      > as not supporting/allowing @ in usernames. (At least I haven't figured
                      > out a way, and the help files don't seem to mention anything about
                      > it.)
                      >
                      > Of course, there's the good old `ftp', too. It's not fancy, but if you
                      > just want one or a few files it certainly does the trick. And it
                      > scripts easily.
                      >
                      ok, midnight commander comes upfine and I can log in fine. (basically
                      I'm looking for a way to backup my website from my hosttomy localmachine
                      and upload changes from local to host.) Anyway, I can get the host on
                      the left and the local directory on the right - but I can't figure out
                      how to ac tually start a transfer. Duh!

                      ncftp is also installed, but I'm dumb there too.

                      Isn't there another gui ftp client for linux other than Gftp? Google
                      searching and Source Forge isn't helping me at all.
                    • Michael Kjorling
                      ... Hash: SHA1 ... Try F5 - Copy . - -- Michael Kjörling, michael@kjorling.com SM0YBY QTH JO89 ^..^ OpenPGP: 3723 9372 c245 d6a8 18a6 36ac 758f 8749
                      Message 10 of 11 , Sep 17, 2004
                      • 0 Attachment
                        -----BEGIN PGP SIGNED MESSAGE-----
                        Hash: SHA1

                        2004-09-17 03:40, wolf_bear@... wrote in <414ABF39.9040502@...>:
                        > and upload changes from local to host.) Anyway, I can get the host on
                        > the left and the local directory on the right - but I can't figure out
                        > how to ac tually start a transfer. Duh!

                        Try F5 - "Copy".

                        - --
                        Michael Kjörling, michael@... SM0YBY QTH JO89 ^..^
                        OpenPGP: 3723 9372 c245 d6a8 18a6 36ac 758f 8749 BDE9 ADA6 \/
                        World Wide Web: http://michael.kjorling.com/ Facta non Verba
                        ASCII Ribbon Campaign: Against HTML Mail, Proprietary Attachments

                        No bird soars too high if he soars with his own wings.
                        -----BEGIN PGP SIGNATURE-----
                        Version: GnuPG v1.2.3 (GNU/Linux)

                        iD8DBQFBStojdY+HSb3praYRAmlQAKCP2hhDsiPZa9smN3KmqCSV8t/kAACfTLvG
                        Tb4VfQCuMw+caRdYPZtywgU=
                        =m8cA
                        -----END PGP SIGNATURE-----
                      Your message has been successfully submitted and would be delivered to recipients shortly.