LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   anonymous login to ftp (https://www.linuxquestions.org/questions/linux-newbie-8/anonymous-login-to-ftp-769995/)

vigilkumar 11-18-2009 11:49 AM
anonymous login to ftp
 
hi i want to know how to allow all the users of a particular domain anonymous access to my ftp server.I also dont want other users other than from this particular domain access my ftp server anonymously.i am using red hat enterprise linux version 4.

ShadowCat8 11-18-2009 11:58 AM
Hmmm....

Well, lets start with which ftp package are you using?

And a question I have would be: Are you going to allow authenticated access from everywhere else? Or is it only out to the web so the folks from that domain can drop you files that can't be emailed?

Let us know.

rweaver 11-18-2009 12:45 PM
Quote:
Originally Posted by vigilkumar (Post 3761548)
hi i want to know how to allow all the users of a particular domain anonymous access to my ftp server.I also dont want other users other than from this particular domain access my ftp server anonymously.i am using red hat enterprise linux version 4.
Depending on the ftp daemons features this may be easily feasible or you might need to turn to an outside source (iptables) to accomplish this. As the previous poster suggested, knowing what ftp daemon you're using is the first step.

lazlow 11-18-2009 01:54 PM
Assuming you do not need any external access, you could just set you hosts.allow file appropriately.

vigilkumar 11-19-2009 04:21 AM
anonymous login to ftp
 
i am using the vsftpd daemon.To use the hosts.allow file the vsftpd has to run as a xinetd controlled service; right? if it is so then how should i run vsftpd as an xinetd service so that i can allow anonymous access to users of a particular domain only.

ShadowCat8 11-19-2009 02:17 PM
Quote:
Originally Posted by vigilkumar (Post 3762430)
i am using the vsftpd daemon.To use the hosts.allow file the vsftpd has to run as a xinetd controlled service; right? if it is so then how should i run vsftpd as an xinetd service so that i can allow anonymous access to users of a particular domain only.
Ummm, no. The /etc/hosts.allow file does not need to have inetd/xinetd running to be effective. We do not run (x)inetd at my office at all, though we *do* run sshd, samba, apache, tomcat, etc. and use /etc/hosts.[allow,deny] to get finer access control to services.

But, I am still a bit curious and/or confused as to why you are needing anonymous access to the server from one specific domain. It seems a dangerous way to go for security, IMHO. Is this one of the domains you control and are trying to tie connections between that domain and another?

As far as getting this set up, it would seem that you can definitely use the /etc/hosts.allow file to look for connections coming from the specific domain and for the specific daemon (vsftpd) and have it run a script when the server sees the connection coming in to be able to set up your connection any way you want. I was looking at the vsftpd config manual and it seems like they have the capability of separating the anonymous access away from the regular user access as well if you want.

HTH.


All times are GMT -5. The time now is 09:56 PM.