LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 04-03-2002, 10:16 AM   #1
bripage
Member
 
Registered: Jan 2002
Location: Moorpark
Distribution: SLACK 8!
Posts: 230

Rep: Reputation: 30
Havin trouble allowing FTP users to access files and directories


For some reason Im having a bit of trouble get the pftp daemon to allow the ftp users to not only access files, but just move around in the filesystem. Also, Id like to know how to just make a directory, FTP for instance, and have everything that goes on with the ftp happen in there (uploading/downloading). That way its more secure.
 
Old 04-03-2002, 02:57 PM   #2
bripage
Member
 
Registered: Jan 2002
Location: Moorpark
Distribution: SLACK 8!
Posts: 230

Original Poster
Rep: Reputation: 30
does anyone know what I need?
 
Old 04-04-2002, 12:29 AM   #3
bripage
Member
 
Registered: Jan 2002
Location: Moorpark
Distribution: SLACK 8!
Posts: 230

Original Poster
Rep: Reputation: 30
hmmm having a bit of trouble here.. can someone please help me?
 
Old 04-04-2002, 02:48 AM   #4
Mik
Senior Member
 
Registered: Dec 2001
Location: The Netherlands
Distribution: Ubuntu
Posts: 1,316

Rep: Reputation: 46
Well you haven't really specified what problems you are having exactly. But there are many answers in:
http://proftpd.org/docs/faq/proftpdfaq.html

You can use the DefaultRoot directive to jail all the users to a specific directory.
http://proftpd.org/docs/directives/l...faultRoot.html
 
Old 04-04-2002, 04:46 AM   #5
bripage
Member
 
Registered: Jan 2002
Location: Moorpark
Distribution: SLACK 8!
Posts: 230

Original Poster
Rep: Reputation: 30
Im trying to figure out why when I login into the server as anonymous... I cant access anything or go anywere on there server at all.
 
Old 04-04-2002, 05:21 AM   #6
Mik
Senior Member
 
Registered: Dec 2001
Location: The Netherlands
Distribution: Ubuntu
Posts: 1,316

Rep: Reputation: 46
Probably because of the permissions. The anonymous section should have a user and group which is used for the anonymous user. That user should have read and execute permissions to be able to see the contents of the directory.
 
Old 04-04-2002, 09:25 AM   #7
bripage
Member
 
Registered: Jan 2002
Location: Moorpark
Distribution: SLACK 8!
Posts: 230

Original Poster
Rep: Reputation: 30
How do I check the file permisions to see if the allowed to be seen by FTP? Then, How can I change the access directory that the FTP users log into because currently its root althoguh nothing shows up for them to mess with.
 
Old 04-04-2002, 09:28 AM   #8
hanzerik
Member
 
Registered: Jan 2002
Location: Cheyenne Wyoming
Distribution: Debian
Posts: 717

Rep: Reputation: 32
Its up to you to put files there for your anonymous users.

They should not have read/write access for security reasons. By default, when anonymous users connects, they are locked into the /home/ftp directory and cannot go anywhere else. They only have read access.

You dont want people you dont know to have the ability to navigate all over your system and look at your system files. Lets say you let a unknown person be able to view your passwd file, and from that he gets the usernames of everyone on the system, he can then try to crack their passwords by trying different password combos based on a username. And you let them see your firewall script, maybe then they can find a weakness. The list goes on and on.

If they are your friends, then create them a unix username and password using adduser. They will be able to ftp (read/write) to their home directory and still navigate the system. At least that way you can keep track of what they are doing.

If you allow anonymous users to browse your system you are asking for trouble.
 
Old 04-04-2002, 09:29 AM   #9
hanzerik
Member
 
Registered: Jan 2002
Location: Cheyenne Wyoming
Distribution: Debian
Posts: 717

Rep: Reputation: 32
change the line in /etc/passwd for user ftp from /home/ftp to whatever directory you want.
 
Old 04-15-2002, 03:54 PM   #10
nejoom
LQ Newbie
 
Registered: Mar 2002
Location: Holland
Distribution: RH
Posts: 15

Rep: Reputation: 0
If your interested, this is how i configured my ftp settings:

1. Allow known users to ftp login and move/upload/download files within thier own home directory, disallow all roaming to other directories.

2. Allow anonymous logins to ftp to just one directory to upload stuff but dont allow downloads.

3. Do this on redhat with a startup script.


You can download the configuration files:
http://www.tinydeveloper.com/scripts/proftpd
(=bootup script: should be located in /etc/init.d/ on redhat)

http://www.tinydeveloper.com/scripts/proftpd.conf
(=configuration script: should be located in /etc/proftpd on redhat)

Adding a user:
[root@fire root]# adduser ftptester
[root@fire root]# passwd ftptester
#dissallow shell login
[root@fire root]# chsh -s /sbin/nologin ftptester

Making a anonymous directory (with my conf file):
[root@fire root]# mkdir -p /home/ftp/uploads
[root@fire root]# chown -R ftp.ftp /home/ftp
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Allowing non-root users rw access to floppy disks? black hole sun Linux - Hardware 3 02-12-2005 08:43 PM
GFTP allowing Root access to an FTP user scottpioso Red Hat 2 01-07-2004 06:20 PM
Allowing access to FTP server on LAN using IPTABLES - Help please sergio3986 Linux - Security 2 12-18-2003 12:22 PM
allowing set users to mount a drive, access issues Alpha_Beta Linux - Hardware 4 11-12-2003 09:21 PM
Allowing users to mount and access devices katanastab Linux - General 1 02-14-2002 03:54 PM


All times are GMT -5. The time now is 10:00 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration