I am trying to setup an FTP server that will only accept file from one ip per customer. example customer A ftp's into customer's A account on the ftp server from ip xxx.xxx.xxx.12 customer B ftp's into customer's B account on the ftp server from ip xxx.xxx.xxx.10 I want to stop customer A ftp's into customer B's account on the ftp server from ip xxx.xxx.xxx.12 I do not want customer A to be able to get to customer B's account. I can deny access to all machines in the host.deny file and allow only xxx.xxx.xxx.10 and xxx.xxx.xxx.12 but customer A/B can still get to both accounts? It is possible to lock this down more? Thanks in Advance Dany Allard P.S. let me know if you need more info
On Tue, 12 Dec 2000, Dany Allard wrote:
I can deny access to all machines in the host.deny file and allow only xxx.xxx.xxx.10 and xxx.xxx.xxx.12 but customer A/B can still get to both accounts?
It is possible to lock this down more?
Hello Dany, with wu.ftpd there should be 2 lines like class custAclass accountA ipA class custBclass accountB ipB in /etc/ftpaccess (I could be wrong, so better read man ftpaccess... ;) Proftpd could also be a good choice, but I don't know it. Ciao, Peter -- Peter Münster GMV - Université de Rennes 1 Campus de Beaulieu - Bât. 11B 35042 Rennes Cedex Tel : +33/0 - 2 99 28 67 51 Fax : +33/0 - 2 99 28 16 74 http://w3pm.stormloader.com/
I have changed my ftp access file and have read the man page for ftpaccess. However I can still login from any machine. Can someone look at my ftpaccess file and see if there is anything wrong with it. I am trying to restrict access to the testuser account to one ip. thanks again Dany Allard *********** ftpaccess file*************** restricted-uid * class testuser guest xxx.xxx.xxx.111 email test@domain.com loginfails 5 greeting terse hostname ftp.domain.com message /welcome.msg login message .message cwd=* compress yes guest tar yes guest chmod no guest delete yes guest overwrite no guest rename yes guest path-filter guest /etc/pathmsg ^[-A-Za-z0-9_\.]*$ ^\. ^- log transfers guest inbound,outbound shutdown /etc/shutmsg passwd-check rfc822 warn guestuser testuser noretrieve core .notar ******* end ftpaccess file ********** Peter Münster wrote:
On Tue, 12 Dec 2000, Dany Allard wrote:
I can deny access to all machines in the host.deny file and allow only xxx.xxx.xxx.10 and xxx.xxx.xxx.12 but customer A/B can still get to both accounts?
It is possible to lock this down more?
Hello Dany, with wu.ftpd there should be 2 lines like class custAclass accountA ipA class custBclass accountB ipB in /etc/ftpaccess (I could be wrong, so better read man ftpaccess... ;) Proftpd could also be a good choice, but I don't know it. Ciao, Peter
On Tue, 12 Dec 2000, Dany Allard wrote:
I have changed my ftp access file and have read the man page for ftpaccess.
It works only for wu.ftpd, so check your /etc/inetd.conf! But as Kurt mentioned: proftpd is perhaps a better choice. Bye, Peter -- Peter Münster GMV - Université de Rennes 1 Campus de Beaulieu - Bât. 11B 35042 Rennes Cedex Tel : +33/0 - 2 99 28 67 51 Fax : +33/0 - 2 99 28 16 74 http://w3pm.stormloader.com/
participants (2)
-
Dany Allard -
Peter Münster