Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
You VERY RARELY, IF EVER (never really) want to allow ROOT ftp access. The password on FTP it plain text, anyone can read it. You are sending your ROOT password over an unsecure line unencrypted. Bad juju
However should you decide to take my words and chuck em out the window:
In your /etc/ftpusers file comment out root (or comment it if it's uncommented, I cannot remember which right now...). That should be it. You may have to edit your proftpd.conf file if it's also restricted in there, post it up should there be any concern.
Yes, it'd be ssh server rather though, then you scp your files in. Another option is to use sftp, it's ftp over ssh, a little different than scp (scp is secure cp, sftp is secure ftp..).
Check your proftpd.conf file as well. However, like I said, even for 2 seconds, transmitting root's password in plain text is plain bad Sorry, had to use it.
I'd say to attempt an sftp first, it's actually likely you have ssh setup where you could ssh into the box and fix it from there.
And why have you installed these things as root? Shouldn't a non-existent user (nobody) run these daemons? I also setup a second existant, but far less privileged user for my "http" work. They will belong to a group (the only person in the group) that owns the file, give as little permissions as necessary:
chmod 760 filename
maybe, and use them for all the apache php work necessary.
Anyway, since you are in a bind, do your best and change that root pass ASAP after using FTP to access your box with root (should you even be able to, it's possible mandrake may have hardcoded or VERY hard conf'd it in to where root cannot do this for that very reason).
what does the author mean by
"witch to the directory created when you unpacked the vsftpd .tar.gz file.
edit "builddefs.h" to handle compile-time settings (tcp_wrappers build,etc)."
Does anyone know what they mean by switching to the directory or by tcp_wrappers or by the header file?
Um, switching to the directory means when you unpack a tarball, a directory with the name of the tarball (minus the tar.gz) is created, you must cd into that.
edit builddefs.h means to edit the file in that directory for build definitions, wich will include tcp_wrappers and likely gcc info. tcpwrappers are tcpd on some systems, check your /usr/sbin for tcpd if you're interested. From my iddie bit of research tcp_wrappers are another security measure for applications. I believe it helps then appear as rogue apps? Also it's a bit more speedy than standalone? This is all just heresay since I've got no real solid info for ya on it.
I'd suggest sticking with FTP for now, vsftp simply is secure because it supports chrooting itself automatically, but it's no more secure to FTP with root with that than it is with proftpd. You will still be sending it plain text, it's the protocols fault, not the applications.
sftp should be something you should look at, for now...
Ok, to enable root, you will need to make sure that root does not exist in that file, a simple comment in front of the name will do. Save, send a HUP to proftpd (if you are running it in inetd or xinetd send HUP's to them instead) and try again.