[SLE] ftp shell accounts
How does one set up ftp-only accounts? This is to be use for updating web pages. *--------------------------------* | Chris Large clarge@macn.bc.ca | | http://gone for now | *--------------------------------* -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
Hi, On Thu, 19 Oct 2000, Chris Large wrote:
How does one set up ftp-only accounts? This is to be use for updating web pages.
Simple, just add them using YaST and use /bin/false as their login shell (/bin/passwd is also common, this allows them to change their password using telnet). Adjust the home directory to the directory used for ftp transfer. However be advised, that ftp sends passwords in plain text over the wire! Anybody could sniff this traffic and break into this account. Bye, LenZ -- ------------------------------------------------------------------ Lenz Grimmer SuSE GmbH mailto:grimmer@suse.de Schanzaeckerstr. 10 http://www.suse.de/~grimmer/ 90443 Nuernberg, Germany Pretending sleep is the most common birth control device. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
On Thursday 19 October 2000 17:23, Lenz Grimmer wrote:
transfer. However be advised, that ftp sends passwords in plain text over the wire! Anybody could sniff this traffic and break into this account.
So, he (we all) should be using ssh and, in particular, scp to transfer the files. scp is the command line "secure" ftp-equivalent, the only one I am aware of... alternatives? Alvaro Novo SuSE 6.4 Kernel 2.2.16 KDE 2.0 RC2 -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
Hi is there any doc about how to setup ssh or ssh2 under SuSE 6.4 and/or SuSE 7.x ? Thanks --ed -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
On 19 Oct 00, at 16:29, Linux News User wrote:
Hi is there any doc about how to setup ssh or ssh2 under SuSE 6.4 and/or SuSE 7.x ?
Download both packages, unpack, run the ./configure in the unpacked directory, than make, and make install. I recommend to those steps first with ssh1 and then with ssh2. That way your ssh will be configured to be compatible with both versions by the install. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
How does one set up ftp-only accounts? This is to be use for updating web pages.
Simple, just add them using YaST and use /bin/false as their login shell
We have all accounts set to /bin/false, but they still can dial-in and get a full connection via our accounting software which uses radius. They just can't telnet in.
(/bin/passwd is also common, this allows them to change their password using telnet). Adjust the home directory to the directory used for ftp transfer. However be advised, that ftp sends passwords in plain text over the wire! Anybody could sniff this traffic and break into this account.
The idea is a Joe can dial-in as normal user then he ftp's to Cindy's account to up load web pages. Cindy's account does nothing but hold web pages. This is what i'm after. *--------------------------------* | Chris Large clarge@macn.bc.ca | | http://gone for now | *--------------------------------* -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
On Fri, 20 Oct 2000, Lenz Grimmer wrote:
transfer. However be advised, that ftp sends passwords in plain text over the wire! Anybody could sniff this traffic and break into this account.
How would it be possible to force a ftp account and/or connection to use SSH-only for a secured session? Thanks! Christopher Reimer -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
We need to also keep the FTP user from changing to such directories as /bin , /etc. Tried the rooting suggestions in the MAN pages but then don't seem to be able to list what's in the FTP directories. Any ideas? Robert
From: Lenz Grimmer
, on 10/19/00 7:45 PM: Hi, On Thu, 19 Oct 2000, Chris Large wrote:
How does one set up ftp-only accounts? This is to be use for updating web pages.
Simple, just add them using YaST and use /bin/false as their login shell (/bin/passwd is also common, this allows them to change their password using telnet). Adjust the home directory to the directory used for ftp transfer. However be advised, that ftp sends passwords in plain text over the wire! Anybody could sniff this traffic and break into this account.
Bye, LenZ -- ------------------------------------------------------------------ Lenz Grimmer SuSE GmbH mailto:grimmer@suse.de Schanzaeckerstr. 10 http://www.suse.de/~grimmer/ 90443 Nuernberg, Germany Pretending sleep is the most common birth control device.
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
<HR> <UL> <LI>application/octet-stream attachment: ATTRIBS.BND </UL> N§²æìržzǧué[h²ë)îÅ맲æìržzˬyÊ&ÚuØÚÊ&©Ý²Ç§ué[h²ë)îÅè^.±ç([(rØ^¶m§ÿðÃ.±ç(û.Š+·÷Ú
* Robert Copelan (robertc@mindspring.com) [001022 02:01]:
We need to also keep the FTP user from changing to such directories as /bin , /etc. Tried the rooting suggestions in the MAN pages but then don't seem to be able to list what's in the FTP directories. Any ideas?
If you use a chroot environment, you have to copy all necessary libraries
and tools to that chroot environment as those in the regular environment
aren't accessable from inside the chroot environment. For example, here's
the contents of the sample ftp environment that gets created when you choose
to install that package:
/usr/local/ftp/msgs/msg.dead
/usr/local/ftp/msgs/welcome.msg
/usr/local/ftp/usr/bin/ls
/usr/local/ftp/usr/bin/gzip
/usr/local/ftp/etc/passwd
/usr/local/ftp/etc/group
/usr/local/ftp/lib/libnss_files.so.2
/usr/local/ftp/lib/libc.so.6
/usr/local/ftp/lib/ld-linux.so.2
/usr/local/ftp/bin/ls
/usr/local/ftp/bin/tar
/usr/local/ftp/bin/compress
Ahh yes, the FTP directories have, of course, also to be in that directory
tree as symlinks obviously won't (and can't) work.
Philipp
--
Philipp Thomas
participants (8)
-
clarge@macn.bc.ca
-
creimer@rahul.net
-
grimmer@suse.de
-
linux@ods.co.cr
-
mmankows@bellatlantic.net
-
novo@uiuc.edu
-
pthomas@suse.de
-
robertc@mindspring.com