Hey all, im fairly new to the whole linux environment so please bare with me as i try to explain whats going on...

I had an ftp server about a year ago. It was running off of windows 2003, and didnt have any protection on it besides the normal firewall and NAT router. I shut it down after a couple weeks because i was constantly getting password hackers and weird things trying to break in (i used Ethereal to monitor packet traffic).

Anyway, ive decided to take another swing at it and try to configure a more secure server on a more secure OS. I've found multiple HOWTO guides by surfing google BUT most/all of them want me to download a file called "openssh-4.5p1-chroot.tar.bz2", however the address they all point to does not exist! That address is "http://chroot.sourceforge.net/download/(filename)" so my main questions are where can i find this file? Is there a better one that would work? Is there a tutorial someone knows about that would get me past this?

I built a computer last week for this purpose (only had to buy a few parts so it's not like i spent $500), and now i feel like ive hit a dead end just cause a site decided to take a file down and no one else has realized it's happened except me...

Any help would be greatly appreciated, thanks.

Here's a tutorial on setting up VSFTP: http://gofedora.com/how-to-configure...server-vsftpd/

Thank you, ill go through it this afternoon.

I didn't find anything about how to chroot the user into their directory though. Is that something separate, or is just part of vsftpd? I'm using this for personal use and i dont want anonymous access to be enabled. If a couple friends end up using it as well i want everyone to have their own directory and not be able to go any higher than that for privacy/security reasons. When a user logs on i dont want them to go any higher than /var/ftp/username so all they have access to is their files and not other peoples or system files. That's where the file and website i was referring to earlier come in.

If this is all included in vsftpd then i apologize for my ignorance, lol.

EDIT: I was reading through the vsftpd.conf file and i found this...

# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd/chroot_list

i uncommented one line to activate it so now im guessing i have the chroot feature i was trying to get all along?

Yes you do

awesome, thanks

im thinking it'd be a good idea to just reinstall fedora cause ive installed so many things and changed files/settings around that i have no idea how to go back and fix it all, lol... that's what i get for being a windows guy trying to config a linux server from scratch.

start fresh with that tutorial seems to be the best option right now.

If you're not in a rush to get your ftp up and going, I would say continue with fedora as it is. You're bound to make more mistakes and starting all over again when you get in a bind is ok when you're not catering for other users. Or depending on how powerful your machine is, start again and install VirtualBox. Install another instance of Fedora into that and use it for learning. That way you don't mess up your live system.

d3adpoetic if you are using fedora 10 for a server
DO NOT fedora 10 is PASSED it's End Of Life and is no longer supported

also unless YOU LIKE down time and reinstalling a server every 6 months -- DO NOT use fedora
i would use a LONG life distro like RHEL or Cent ( or any of the other ones) that have 5 year support

no longer supported by who? why would there be so much down time and re-installation? I'm downloading fedora 12 right now. Is using fedora a huge security hole?

Dont i have to pay for RHEL? And what is Cent? i doubt im going to be using this server for 5 years... it's mostly for self-learning purposes and a challenge i set for myself since i hardly know anything about linux. I took a few classes in school about 3+ years ago, but cant remember 98% of it, lol.

The biggest thing i have against the OS is that it's more complicated then it has to be just to install something from an .rpm or tar.gz, i could be wrong, but all the ./configure and make and make install... idk, i dont get it.


EDIT: I got vsftpd to work, i can download and upload files from my windows machine using filezilla, awesome. Now the next part is getting it past the router so i can access it beyond this house. Also, how do i remote desktop into the linux machine because it wont have a monitor connected to it. I can never get RealVNC (or something like it) to work for me...

the fedora developers .Fedora is ONLY SUPPORTED for 13 months , it is a testing and R & D distro .
for fedora 10 there will NEVER be any more security updates .

fedora and arch,debain,and ubuntu,and suse ,... all have very large software repos
for fedora install the " rpmfusion" repo and use the GUI package manager
or from the terminal
as for building code , that can take some time to learn , or not.
there is a file in almost ALL source code versions called " README" and "INSTALL " and yes there names are in cpas for a reason

CentOS is essentially a rebranded RHEL, and it's free. As mentioned, it's a good choice for a server.

I got it to work!

FTP using TLS/SSL certificates, no anonymous logins, users can only access their home directories, life is good.

Oh, and i used Fedora 12. Please dont shoot me.

Only 1 thing left! I need a way to remote desktop from my windows to linux machine...

VNC?

http://www.realvnc.com/

...or NX (I've only used it from the client side - so I can't make a recommendation)

http://www.nomachine.com/download.php

Do you really want to bog your server down by giving it a desktop that you will only occasionally use? Use SSH, and strengthen your commandline skills at the same time. Find yourself some good tutorials on using bash (or whatever shell you decide on) take the time to learn commandline you won't regret it.

Well i dont have any other way of getting into it. I only have the power and network cable attached to it now. I got VNC to work a little while after my last post so that's what ive been using to make a couple small changes. I wouldnt think having it on a login screen would bog it down that much.

How do i get it to command line only? Can i get it back to a GUI if i need to?