LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-20-2003, 02:01 AM   #1
Ajai
LQ Newbie
 
Registered: Jul 2003
Posts: 11

Rep: Reputation: 0
Proftpd on Mandrake


I am able to use ftp with anonymous login. it also works for all other users but it won't work for the root.

How do I enable ftp access for root-only and disable all users including anonymous login?
 
Old 07-20-2003, 02:11 AM   #2
MasterC
LQ Guru
 
Registered: Mar 2002
Location: Salt Lake City, UT - USA
Distribution: Gentoo ; LFS ; Kubuntu
Posts: 12,612

Rep: Reputation: 64
You VERY RARELY, IF EVER (never really) want to allow ROOT ftp access. The password on FTP it plain text, anyone can read it. You are sending your ROOT password over an unsecure line unencrypted. Bad juju

However should you decide to take my words and chuck em out the window:
In your /etc/ftpusers file comment out root (or comment it if it's uncommented, I cannot remember which right now...). That should be it. You may have to edit your proftpd.conf file if it's also restricted in there, post it up should there be any concern.

Cool
 
Old 07-20-2003, 02:22 AM   #3
Ajai
LQ Newbie
 
Registered: Jul 2003
Posts: 11

Original Poster
Rep: Reputation: 0
Thanks for the super fast reply.
I won't be using root for ftp access forever.

I installed apache,mysql and PHP as root. I need to access some of the files from my home/office for reinstalling PHP forums/skins.

Is there any other option of doing this? I really hate doing it as 'root'.

Anyway, commenting out root in /etc/ftpusers did not solve my problem
 
Old 07-20-2003, 02:24 AM   #4
Ajai
LQ Newbie
 
Registered: Jul 2003
Posts: 11

Original Poster
Rep: Reputation: 0
Also, I have heard about scp, ssh, sftp, etc.,
can I use my computer as scp server and then login as root from outside?
 
Old 07-20-2003, 02:36 AM   #5
MasterC
LQ Guru
 
Registered: Mar 2002
Location: Salt Lake City, UT - USA
Distribution: Gentoo ; LFS ; Kubuntu
Posts: 12,612

Rep: Reputation: 64
Yes, it'd be ssh server rather though, then you scp your files in. Another option is to use sftp, it's ftp over ssh, a little different than scp (scp is secure cp, sftp is secure ftp..).

Check your proftpd.conf file as well. However, like I said, even for 2 seconds, transmitting root's password in plain text is plain bad Sorry, had to use it.

I'd say to attempt an sftp first, it's actually likely you have ssh setup where you could ssh into the box and fix it from there.

And why have you installed these things as root? Shouldn't a non-existent user (nobody) run these daemons? I also setup a second existant, but far less privileged user for my "http" work. They will belong to a group (the only person in the group) that owns the file, give as little permissions as necessary:
chmod 760 filename
maybe, and use them for all the apache php work necessary.

Anyway, since you are in a bind, do your best and change that root pass ASAP after using FTP to access your box with root (should you even be able to, it's possible mandrake may have hardcoded or VERY hard conf'd it in to where root cannot do this for that very reason).

Cool
 
Old 07-20-2003, 02:39 AM   #6
Ajai
LQ Newbie
 
Registered: Jul 2003
Posts: 11

Original Poster
Rep: Reputation: 0
thanks.
you are awesome
 
Old 07-20-2003, 02:44 AM   #7
MasterC
LQ Guru
 
Registered: Mar 2002
Location: Salt Lake City, UT - USA
Distribution: Gentoo ; LFS ; Kubuntu
Posts: 12,612

Rep: Reputation: 64
You're Welcome, glad I could help

Welcome to LQ

Cool
 
Old 07-20-2003, 02:59 AM   #8
Ajai
LQ Newbie
 
Registered: Jul 2003
Posts: 11

Original Poster
Rep: Reputation: 0
I am trying to install Very Secure FTP. vsftpd

what does the author mean by
"witch to the directory created when you unpacked the vsftpd .tar.gz file.
e.g.:
cd vsftpd-1.1.2
edit "builddefs.h" to handle compile-time settings (tcp_wrappers build,etc)."

Does anyone know? Thank you
 
Old 07-20-2003, 03:07 AM   #9
MasterC
LQ Guru
 
Registered: Mar 2002
Location: Salt Lake City, UT - USA
Distribution: Gentoo ; LFS ; Kubuntu
Posts: 12,612

Rep: Reputation: 64
Does anyone know what they mean by switching to the directory or by tcp_wrappers or by the header file?



Um, switching to the directory means when you unpack a tarball, a directory with the name of the tarball (minus the tar.gz) is created, you must cd into that.
edit builddefs.h means to edit the file in that directory for build definitions, wich will include tcp_wrappers and likely gcc info. tcpwrappers are tcpd on some systems, check your /usr/sbin for tcpd if you're interested. From my iddie bit of research tcp_wrappers are another security measure for applications. I believe it helps then appear as rogue apps? Also it's a bit more speedy than standalone? This is all just heresay since I've got no real solid info for ya on it.

I'd suggest sticking with FTP for now, vsftp simply is secure because it supports chrooting itself automatically, but it's no more secure to FTP with root with that than it is with proftpd. You will still be sending it plain text, it's the protocols fault, not the applications.

sftp should be something you should look at, for now...

Cool
 
Old 07-20-2003, 03:19 AM   #10
Ajai
LQ Newbie
 
Registered: Jul 2003
Posts: 11

Original Poster
Rep: Reputation: 0
Thanks again.

I really want to go ahead with proftpd, but it is not working with the root. I will check it once again.
 
Old 07-20-2003, 03:41 AM   #11
MasterC
LQ Guru
 
Registered: Mar 2002
Location: Salt Lake City, UT - USA
Distribution: Gentoo ; LFS ; Kubuntu
Posts: 12,612

Rep: Reputation: 64
Ok, to enable root, you will need to make sure that root does not exist in that file, a simple comment in front of the name will do. Save, send a HUP to proftpd (if you are running it in inetd or xinetd send HUP's to them instead) and try again.

Cool
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ProFTPd Problems in Mandrake 10.0 Gib Sandwich Linux - Networking 5 09-03-2004 08:14 AM
Mandrake 9.2 proftpd user configuration problems biniar Linux - Newbie 4 04-03-2004 03:17 PM
GroupOwner in ProFTPd on 9.1 Mandrake AZDAVE Mandriva 0 03-10-2004 02:48 PM
proftpd and mandrake config pshepperd Linux - Software 1 08-05-2003 09:00 PM
Trouble with Proftpd and anonymous logins on Mandrake 9 carlmenezes Linux - Software 6 02-26-2003 12:29 AM


All times are GMT -5. The time now is 01:09 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration