Re: q ad ftp- w/o system-accounts

2001-08-01 Thread Robert Waldner


On Tue, 31 Jul 2001 10:17:56 CDT, Haim Dimermanas writes:

 Hmm, I don´t want to cope with LDAP and/or MySQL just for a bunch of
 ftp-accounts (~ 30). Flat berkeley-db-files are much more appealing
 for such small numbers (they´re definitely not supposed to grow, not on
 this box, it´s just that I´m much more security-aware since it was
 hacked not long ago).

 I agree. 30 accounts is not much. Now to say that it's not enough for you
to deploy a scalable (and very secure) solution that would solve your
problem(s), I disagree. I wrote a doc explaining how to install MySQL step
by step. If you keep your installation current and up-to-date, you should be
ok when it comes to security.

I tried, but MySQL is Just Too Much for that box (it´s a lowly 486 w/ 
 32 MB RAM and already running at load 0.8++ most of the time[0]).

Anyway, I´ve now got it (mentioning it here for the sake of the 
 search-engines):

proftpd.conf:
AuthUserFile        /etc/proftpd.users
AuthGroupFile       /etc/proftpd.groups
RequireValidShell   no
PersistentPasswd    off
User                nobody
Group               nogroup
DefaultRoot         ~

proftpd.users:
waldner:crypt()-pw:1000:1000:Robert Waldner,,,:/home/waldner:/bin/false

et voila.

0: mailhub for ~ 3k mails/day, webserver for ~ 400 hits/day, approx. 1200
 dns-queries/day. Man, I *like* the hardware-requirements of sane OSs.

cheers,
rw
-- 
/ Ing. Robert Waldner |  [EMAIL PROTECTED]  \
\ Xsoft GmbH  | T: +43 1 796 36 36 692 /
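
An added example, not part of the original post: a small audit of a passwd-style AuthUserFile like the proftpd.users shown above, flagging entries that weaken the setup (UID 0, empty or traditional DES crypt() passwords, a home of "/" that makes "DefaultRoot ~" confine nothing). The sample entries, the finding names and the SYSTEM_UID_MAX threshold are assumptions made for illustration.

```python
"""Audit a ProFTPD AuthUserFile (seven colon-separated, passwd-style fields)."""

SYSTEM_UID_MAX = 999  # assumption: regular accounts start at UID 1000

# Constructed sample entries; the password fields are placeholders, not real hashes.
SAMPLE = """\
waldner:$6$constructedsalt$placeholderhash:1000:1000:Robert Waldner,,,:/home/waldner:/bin/false
upload:XXplaceholder:1001:1001::/home/upload/ftp:/bin/false
admin:$6$constructedsalt$placeholderhash:0:0::/root:/bin/bash
guest::1002:1002::/:/bin/false
waldner:$6$constructedsalt$placeholderhash:1003:1003::home/w2:/bin/false
"""

def audit_auth_user_file(text):
    """Return (line number, finding) pairs for risky AuthUserFile entries."""
    findings, seen = [], set()
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7 or not fields[2].isdigit():
            findings.append((n, "malformed"))
            continue
        name, pw, uid, _gid, _gecos, home, _shell = fields
        if name in seen:
            findings.append((n, "duplicate-user"))
        seen.add(name)
        if not pw:
            findings.append((n, "empty-password"))
        elif not pw.startswith("$") and len(pw) == 13:
            # Traditional DES crypt(): only the first 8 password characters count.
            findings.append((n, "des-crypt-hash"))
        if int(uid) == 0:
            findings.append((n, "uid-0"))
        elif int(uid) <= SYSTEM_UID_MAX:
            findings.append((n, "system-uid-range"))
        if not home.startswith("/"):
            findings.append((n, "relative-home"))
        elif home.rstrip("/") == "":
            # With "DefaultRoot ~" the chroot would be the whole filesystem.
            findings.append((n, "home-is-root"))
    return findings

if __name__ == "__main__":
    for n, what in audit_auth_user_file(SAMPLE):
        print(f"line {n}: {what}")
```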





Re: q ad ftp- w/o system-accounts

2001-08-01 Thread Haim Dimermanas


 Anyway, I´ve now got it (mentioning it here for the sake of the
  search-engines):

 I must say, it is very clever. I guess I did not spend enough time on
reading the doc. You found a great solution :-)

Haim.


--  
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]




Re: q ad ftp- w/o system-accounts

2001-07-31 Thread Haim Dimermanas


 Hmm, I don´t want to cope with LDAP and/or MySQL just for a bunch of
 ftp-accounts (~ 30). Flat berkeley-db-files are much more appealing
 for such small numbers (they´re definitely not supposed to grow, not on
 this box, it´s just that I´m much more security-aware since it was
 hacked not long ago).

 I agree. 30 accounts is not much. Now to say that it's not enough for you
to deploy a scalable (and very secure) solution that would solve your
problem(s), I disagree. I wrote a doc explaining how to install MySQL step
by step. If you keep your installation current and up-to-date, you should be
ok when it comes to security.

 I basically suggest you give it a shot. After all, it does solve your
problem.

Haim.






Re: q ad ftp- w/o system-accounts

2001-07-30 Thread Haim Dimermanas

Hey Robert,

 I strongly suggest you take a look at ProFTPd with the LDAP or MySQL modules.
You can put all your users information in a directory or an SQL database
(homedir, username, pass, etc) and have the FTP server look in there.

 For more info on how to set it up, take a look at the doc I wrote:

 http://dudle.linuxroot.org/docs/proftpd/

Haim.

 P.S. : Please give me some feedback on this doc. I would like to know what the
community thinks.

Robert Waldner wrote:
 
 Hi!
 
 (This is probably a PAM-question, too, but..)
 
 I just got cyrus to work w/o having system- (eg shell-) accounts, but
  now I need to get ftp to work also :/
 
 proftpd uses PAM, which is good as there´s pam_userdb.so. This far I´m
  sufficiently clued. But I don´t get how I can tell it to set the
  userdir to, let´s say, /home/$luser/ftp based on the key out of the
  .db-file.
 
 Any hints?
 
 cheers+tia,
 rw

-- 
@o=qw(Nu Wjoepxt2l Mjdsptpgu);@p=(jt gvdlfe vq,jt tiju,tvdlt);
for($i=0;$i@p;$i++){$o[$i]=~y/b-y/a-z/;$p[$i]=~y/b-y/a-z/;}
while(){print $o[((rand)*3)]. .$p[((rand)*3)].\n;}






Re: q ad ftp- w/o system-accounts

2001-07-30 Thread Robert Waldner


Robert Waldner wrote:
 (This is probably a PAM-question, too, but..)
 
 I just got cyrus to work w/o having system- (eg shell-) accounts, but
  now I need to get ftp to work also :/
 
 proftpd uses PAM, which is good as there´s pam_userdb.so. This far I´m
  sufficiently clued. But I don´t get how I can tell it to set the
  userdir to, let´s say, /home/$luser/ftp based on the key out of the
  .db-file.

On Mon, 30 Jul 2001 08:12:42 EDT, Haim Dimermanas writes:
 I strongly suggest you take a look at ProFTPd with the LDAP or MySQL modules.
You can put all your users information in a directory or an SQL database
(homedir, username, pass, etc) and have the FTP server look in there.

Hmm, I don´t want to cope with LDAP and/or MySQL just for a bunch of 
ftp-accounts (~ 30). Flat berkeley-db-files are much more appealing 
for such small numbers (they´re definitely not supposed to grow, not on 
this box, it´s just that I´m much more security-aware since it was 
hacked not long ago).

 For more info on how to set it up, take a look at the doc I wrote:

 http://dudle.linuxroot.org/docs/proftpd/

Well-written and, seemingly, quite complete, even if I won´t try that 
on my box (see above) ;-)

cheers,
rw
-- 
/ Ing. Robert Waldner |  [EMAIL PROTECTED]  \
\ Xsoft GmbH  | T: +43 1 796 36 36 692 /





q ad ftp- w/o system-accounts

2001-07-29 Thread Robert Waldner


Hi!

(This is probably a PAM-question, too, but..)

I just got cyrus to work w/o having system- (eg shell-) accounts, but 
 now I need to get ftp to work also :/

proftpd uses PAM, which is good as there´s pam_userdb.so. This far I´m 
 sufficiently clued. But I don´t get how I can tell it to set the 
 userdir to, let´s say, /home/$luser/ftp based on the key out of the
 .db-file.

Any hints?

cheers+tia,
rw
-- 
/ Ing. Robert Waldner |  [EMAIL PROTECTED]  \
\ Xsoft GmbH  | T: +43 1 796 36 36 692 /


