Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have VSFTP on my freeBSD 5.4 system that my friends and I use to trade files. They all share the same account and password that I created. I have denied them shell access, and they are chrooted to their ~. However.
1: Is it possible to stop them from deleting items, but to still get and write?
2: I don't like the passwords being passed along the net plain text, is there another option other than scp for them to get and write, as I really don't want them to have shell access? If it is https, is it possible to upload large files?
The cmds_allowed option is what I was looking for in my vsftpd.conf. This is a comma seperated list of commands I would allow in an ftp session. However I am recieving this error when I try and restart the service.
Code:
OSIRIS# /usr/local/sbin/vsftpd &
[1] 12832
500 OOPS: missing value in config file for:
I googled the error and have not been able to come up with much that would help, I have posted my config file below. Thanks for any help offered.
Code:
# allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
# Uncomment this to allow local users to log in.
local_enable=YES
# Uncomment this to enable any form of FTP write command.
write_enable=YES
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
#local_umask=022
anon_upload_enable=NO
anon_mkdir_write_enable=NO
# Activate directory messages
dirmessage_enable=YES
# Activate logging of uploads/downloads.
xferlog_enable=YES
# Make sure PORT transfer connections originate from port 20 (ftp-data).
#connect_from_port_20=YES
chown_uploads=YES
chown_username=ftp_user
xferlog_file=/var/log/vsftpd.log
#xferlog_std_format=YES
idle_session_timeout=600
data_connection_timeout=120
nopriv_user=nobody
#ascii_upload_enable=YES
#ascii_download_enable=YES
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
#ls_recurse_enable=YES
listen=YES
background=YES
pasv_enable=YES
pasv_max_port=20000
pasv_min_port=15000
pasv_promiscuous=YES
log_ftp_protocol=YES
cmds_allowed=ABOR,CWD,LIST,MDTM,MKD,NLST,PASS,PASV,PORT,PWD,QUIT,RETR,SIZE,STOR,TYPE,USER,ACCT,HELP,SYST
Sorry if this should be a thread in an different forum. As it was related to my original post I thought it should stay here.
Many thanks in advance.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.