Re: FTP server now setup for the LyX server
Christian Ridderström christian.ridderstrom at gmail.com writes: Hi, A long time ago (2012) I tried setting up an FTP server but couldn't get it to work in a fashion I felt was secure enough. But now during my vacation I've had time to try again in peace and quiet. And it seems I've got it working. Great that you could find some time to improve the wiki. If you have still some time available, could you have a look at the lyx web site as well ? There has been at some time a regression which I find awkward: when you were in the site on some English page e.g., when you clicked on one of the language flags, you went in the same page in the new language. Now you get at the home page insread. It's not very boring if the page is in the left sidebar, more if the pag is somewhere in the tree. -- Jean-Pierre
Re: FTP server now setup for the LyX server
Christian Ridderström gmail.com> writes: > > > Hi, > > > A long time ago (2012) I tried setting up an FTP server but couldn't get it to work in a fashion I felt was secure enough. But now during my vacation I've had time to try again in peace and quiet. And it seems I've got it working. Great that you could find some time to improve the wiki. If you have still some time available, could you have a look at the lyx web site as well ? There has been at some time a regression which I find awkward: when you were in the site on some English page e.g., when you clicked on one of the language flags, you went in the same page in the new language. Now you get at the home page insread. It's not very boring if the page is in the left sidebar, more if the pag is somewhere in the tree. -- Jean-Pierre
FTP server now setup for the LyX server
Hi, A long time ago (2012) I tried setting up an FTP server but couldn't get it to work in a fashion I felt was secure enough. But now during my vacation I've had time to try again in peace and quiet. And it seems I've got it working. The FTP server is VSFTP (https://security.appspot.com/vsftpd.html) and the username is as follows lyxftp Regarding the password, it's to be discussed how/when/to whom we should give it out. Personally I'm ok with the approach of allowing e.g. regular user's (from the lists) access once they ask for the password. The 'lyxftp' user is a virtual user on the FTP server daemon, not a real user no the server. It should be the only user account able to log in to the FTP. Only the uploads/-folder of the wiki should be accessible via the FTP. There is (unfortunately) no restrictions on allowed file types nor sizes. However, we still have a script on the wiki site that sends and e-mail to the doc-list when the set of uploaded files change. Further, the FTP server is at the moment not started automaticaly at reboot. What I'd like now is the following: - Discussion/consensus on when/how we give out the password - Some volunteers to help me check that it works as expected (e-mail me and I'll respond with the password) Regards, Christian PS. Note regarding the FTP configuration: I will also ask on the users' and developers' list if there's anyone experienced in VSFTP that could audit the FTP configuration, as I'm a novice at this and I want it secure. -- Christian Ridderström, +46-70 687 39 44
FTP server now setup for the LyX server
Hi, A long time ago (2012) I tried setting up an FTP server but couldn't get it to work in a fashion I felt was secure enough. But now during my vacation I've had time to try again in peace and quiet. And it seems I've got it working. The FTP server is VSFTP (https://security.appspot.com/vsftpd.html) and the username is as follows lyxftp Regarding the password, it's to be discussed how/when/to whom we should give it out. Personally I'm ok with the approach of allowing e.g. regular user's (from the lists) access once they ask for the password. The 'lyxftp' user is a "virtual user" on the FTP server daemon, not a real user no the server. It should be the only user account able to log in to the FTP. Only the "uploads/"-folder of the wiki should be accessible via the FTP. There is (unfortunately) no restrictions on allowed file types nor sizes. However, we still have a script on the wiki site that sends and e-mail to the doc-list when the set of uploaded files change. Further, the FTP server is at the moment not started automaticaly at reboot. What I'd like now is the following: - Discussion/consensus on when/how we give out the password - Some volunteers to help me check that it works as expected (e-mail me and I'll respond with the password) Regards, Christian PS. Note regarding the FTP configuration: I will also ask on the users' and developers' list if there's anyone experienced in VSFTP that could "audit" the FTP configuration, as I'm a novice at this and I want it secure. -- Christian Ridderström, +46-70 687 39 44
