LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 06-11-2012, 07:39 PM   #1
hiep.pham
Member
 
Registered: Jun 2012
Posts: 54

Rep: Reputation: Disabled
Create FTP users for Download Only


Greeting,

I was wondering if there is a way that I can create a FTP user just for download only? If so, please provide a commands or if there is a link for it.

Thanks,

Hiep
 
Old 06-11-2012, 08:09 PM   #2
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,242

Rep: Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024
http://www.cyberciti.biz/tips/rhel-c...et-server.html
 
Old 06-12-2012, 09:56 AM   #3
wpeckham
Member
 
Registered: Apr 2010
Location: USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix
Posts: 751

Rep: Reputation: 170Reputation: 170
Sure

1. There are about six ways I can think of just off the top, but the link already provided is a good start. If that does not satisfy, post that news here for more suggestions.



2. Why use ftp when SFTP is much more safe, secure, and reliable?
 
Old 06-12-2012, 12:55 PM   #4
hiep.pham
Member
 
Registered: Jun 2012
Posts: 54

Original Poster
Rep: Reputation: Disabled
Thank you for your input.
I just finish created an FTP account for one of the employee and since he works with third party and he would like to know if that possible to create an additional account so that party can just download the files. And he doesn't want that party to delete or mess up with his file. Do you think it is safe or recommend to create anonymous account for it?

Thanks,

-Hiep
 
Old 06-13-2012, 07:42 AM   #5
wpeckham
Member
 
Registered: Apr 2010
Location: USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix
Posts: 751

Rep: Reputation: 170Reputation: 170
Safe?

It depends upon what you mean by 'safe'. If it is OK for just anyone in the world to download the available files and you make an account (and adjust permissions) so they can only download and not upload, it is pretty safe until you get compromised.

One thing to realize, is that FTP passes account names and passwords in clear text. Anyone who can trap packets and read can easily own any of your FTP accounts. Only if they are ALL download only is there any security. Using a protocol that encrypts security information (sftp already mentioned) is the generally accepted answer to that security issue. No FTP server can be made entirely safe. The best I know runs from CD or DVD (read only media) does not use persitance, and reboots from the read-only media at encountering any suspicious behavior. (And that is DARNED inconvenient at times). FTP is just not secure or safe, period.

Being safe and secure and using ftp do not work together. You might consider one of the more secure ftp server packages, locking down all accounts and file spaces ftp users can reach to make them read-only, and monitoring logs carefully, running rootkithunter and other compromise detection, backing up often, and praying a lot.

Or you could use a more secure protocol, still engage most of the above, but relax a bit.
 
Old 06-13-2012, 07:57 PM   #6
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,242

Rep: Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024
I'd recommend using SFTP as above (or even scp), using ssh auth-keys if reqd.
This is assuming CLI access.

If he's using a GUI, then Filezilla offers the option of using port 22 (ie sftp) and has clients for both Linux & MS-Win.

In theory you can secure vsftpd by using the TLS extension/option, but its a messy messy business...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Create FTP users for Download Only hiep.pham Linux - Server 3 06-12-2012 02:15 PM
Always prompting login form when anonymous users try download files from ftp??? gavin2u Linux - Server 1 03-22-2010 01:32 AM
Create FTP users, with limited permissions BillKat Linux - General 3 07-07-2009 03:14 AM
Linking files for ftp users to download AngryKeebler Linux - Newbie 6 09-01-2004 12:08 PM


All times are GMT -5. The time now is 02:27 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration