LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   chrooted SFTP + FTP server (http://www.linuxquestions.org/questions/linux-server-73/chrooted-sftp-ftp-server-497254/)

TotalDefiance 10-31-2006 12:09 PM

chrooted SFTP + FTP server
 
haven't found anything on the unification of these two protocols...


we'd like to build an ftp/sftp appliance, allowing both protocols if needed. one user can have the possibility ofg logging in via ftp, or sftp, and be chrooted in the same directory. I know this is technically possible, but would be an administrative nightmare if managed seperately.

so...has anyone heard of or implemented an integrated ftp/sftp system like what I am describing?

much thanks.

TotalDefiance 11-02-2006 08:25 AM

I forgot to note that we would preferably like to use sldap/ldap to authenticate users, which means that it should ideally be possible even to setup ftp/sftp systems seperately.... but with the same chrooted environments.....hmmm

mattdyke 12-07-2006 02:48 PM

I have not heard of this, but i am also trying to do the same.. The problem as i have seen it is that i can't have something like RSSH as a virtual shell for the users and still have them be able to login using FTP with the same name, because of the restrictions set forth by RSSH allowing only certian connections.

If there is a way to copy over or dynamically link FTP services to users while using a different shell or copying over the libs as you would do with a normal chroot enviroment, but every option that i have tried has not come up with anything useful results.. if anyone has any ideas please advise

TotalDefiance 12-07-2006 09:44 PM

sadly, the need for this was erased due to a file transfer appliance utilizing https being purchased.


my end conclusion was to setup chrooted ftp and ssh/scp services separately. however, both would use ldap and refer to the same directory regardless of services used to connect. this way, it would *appear* to the end user to be the same (since the chroot location would be the same either way). this would minimize management by utilizing ldap, so it's not as if user account would have to be created twice (once for ftp, once for ssh). you could us the local passwd file as well of course as an authentication source for both.

for example, if the user JohnFoo authenticated:

$LDAP_user=JohnFoo

ftp would chroot to: /home/jail/home/$LDAP_user/

and

ssh would chroot to: /home/jail/home/$LDAP_user/


problem solved!....conceptually

mattdyke 12-08-2006 08:37 AM

Thanks ill try it that way then .. ill just have to read a bit more on LDAP, since i only know a little about it


All times are GMT -5. The time now is 09:22 AM.