Hi all,
is it possible via ProFtpd to allow one specific user to write on the server
but disable the feature for the others ?
Thanks for your time and your help
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hi,
is it possible via ProFtpd to allow one specific user to write on the server
but disable the feature for the others ?
yes, you can do it with a mixture of Anonymous xx and
Limit APPE DELE MKD RMD STOR STOU WRITE XMKD XRMD
DenyAll
/Limit
directives. The Limit should be re-defined
Hi all,
is it possible via ProFtpd to allow one specific user to write on the server
but disable the feature for the others ?
Thanks for your time and your help
On Sun, Sep 23, 2001 at 10:47:47AM +0200, Luc MAIGNAN wrote:
Hi,
is it possible via ProFtpd to allow one specific user to write on the server
but disable the feature for the others ?
Are you talkin about normal access or anonymous?
When you use normal accounts just set up normal rights on
Hi,
is it possible via ProFtpd to allow one specific user to write on the server
but disable the feature for the others ?
yes, you can do it with a mixture of Anonymous xx and
Limit APPE DELE MKD RMD STOR STOU WRITE XMKD XRMD
DenyAll
/Limit
directives. The Limit should be re-defined
At 7:39 PM +0200 6/27/01, Jean-Marc Boursot wrote:
Moreover, I think it's a good idea to disable ftp for people with a
real valid shell (ie only include pseudo shells in /etc/shells) as it
isn't a secure protocol.
You should disable shell for any account that can access the machine
via any
Jau,
OK, I'll see that ftpd but I'm really interested in the proftpd.
I have been told that the proftpd+mysql package adds the user
administration to proftpd. The problem is that I don't use mysql, I
have installed the PostgreSQL database manager ( and I'm very happy with
it ).
Thank you for
At 7:39 PM +0200 6/27/01, Jean-Marc Boursot wrote:
Moreover, I think it's a good idea to disable ftp for people with a
real valid shell (ie only include pseudo shells in /etc/shells) as it
isn't a secure protocol.
You should disable shell for any account that can access the machine
via any
On Jun 27, 2001 13:07 -0400 [EMAIL PROTECTED] wrote to...:
| You add /bin/ftponly in /etc/shells.
|
|And if I'm not mistaken, if they are somehow now able to execute the
|chsh command, then they have a valid shell account they can log in to. :-(
|
|While they shouldn't be able to run chsh, or
On Wed, 27 Jun 2001, Jean-Marc Boursot wrote:
Yep but false (or true) is NOT a shell. So they won't be able to
execute chsh and change their login shell to a real one.
What about procmail, for example? If it is an mail-only account, it may
have procmail, and if you have procmail, you can
On Jun 27, 2001 13:07 -0400 [EMAIL PROTECTED] wrote to...:
| You add /bin/ftponly in /etc/shells.
|
|And if I'm not mistaken, if they are somehow now able to execute the
|chsh command, then they have a valid shell account they can log in to. :-(
|
|While they shouldn't be able to run chsh, or
On Wed, 27 Jun 2001, Jean-Marc Boursot wrote:
Yep but false (or true) is NOT a shell. So they won't be able to
execute chsh and change their login shell to a real one.
What about procmail, for example? If it is an mail-only account, it may
have procmail, and if you have procmail, you can
Thanks for all your answers.
With that I suppose that proftpd does not accept users with the
/bin/false shell, isn that true ?
Another question related to this one. Are there any configuration file
where we can configure the host access ( wich user is to access to
wich service ) ?
( sorry
.
greetz...
Michael
--
Linux is like wigwam - no windows, no gates, Apache inside!
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Gesendet: Mittwoch, 27. Juni 2001 18:46
An: debian-security
Betreff: Re: ProFtpd question
Thanks for all your answers.
With that I
Reidar Krogstad [EMAIL PROTECTED] writes:
And why not /bin/true ?
When I add ftp-only users I set their shell to /bin/true.
That makes them able to log in with ftp without access to a shell.
[snip]
Personal preference in choosing shells: if they have access to a service on
the box,
On Wed, Jun 27, 2001 at 02:49:20AM +0200, Jean-Marc Boursot wrote:
You create the link ftponly:
ln -s /bin/ftponly /bin/false
You add /bin/ftponly in /etc/shells.
And if I'm not mistaken, if they are somehow now able to execute the
chsh command, then they have a valid shell account they
On Wednesday 27 June 2001 19:07, [EMAIL PROTECTED] wrote:
And if I'm not mistaken, if they are somehow now able to execute the
chsh command, then they have a valid shell account they can log in
to. :-(
While they shouldn't be able to run chsh, or the equivalent, putting
their shell in
On Wednesday 27 June 2001 05:54, Brandon High wrote:
Perhaps a silly question, but why not just set the shell to
/bin/false?
You can. However, with ftponly, you can have 3 user levels:
false - only mail
ftponly - mail + FTP
??sh - mail, FTP and shell
JM
Thanks for all your answers.
With that I suppose that proftpd does not accept users with the
/bin/false shell, isn that true ?
Another question related to this one. Are there any configuration file
where we can configure the host access ( wich user is to access to
wich service ) ?
( sorry
And why not /bin/true ?
When I add ftp-only users I set their shell to /bin/true.
That makes them able to log in with ftp without access to a shell.
At 20:54 26.06.2001 -0700, Brandon High wrote:
On Wed, Jun 27, 2001 at 03:36:27AM +0200, Jean-Marc Boursot wrote:
ln -s /bin/ftponly /bin/false
.
greetz...
Michael
--
Linux is like wigwam - no windows, no gates, Apache inside!
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Gesendet: Mittwoch, 27. Juni 2001 18:46
An: debian-security
Betreff: Re: ProFtpd question
Thanks for all your answers.
With that I
Reidar Krogstad [EMAIL PROTECTED] writes:
And why not /bin/true ?
When I add ftp-only users I set their shell to /bin/true.
That makes them able to log in with ftp without access to a shell.
[snip]
Personal preference in choosing shells: if they have access to a service on
the box, /bin/true;
On Wed, Jun 27, 2001 at 02:49:20AM +0200, Jean-Marc Boursot wrote:
You create the link ftponly:
ln -s /bin/ftponly /bin/false
You add /bin/ftponly in /etc/shells.
And if I'm not mistaken, if they are somehow now able to execute the
chsh command, then they have a valid shell account they can
On Wednesday 27 June 2001 19:07, [EMAIL PROTECTED] wrote:
And if I'm not mistaken, if they are somehow now able to execute the
chsh command, then they have a valid shell account they can log in
to. :-(
While they shouldn't be able to run chsh, or the equivalent, putting
their shell in
How can I create a ftp-user ?
I know that the /bin/false shell is for non-shell users but I don't know how to create
a mail-only or ftp-only users.
Do you know how ?
( sorry for my English )
--
yoros
PGP signature
On Tuesday 26 June 2001 22:38, [EMAIL PROTECTED] wrote:
How can I create a ftp-user ?
I know that the /bin/false shell is for non-shell users but I don't
know how to create a mail-only or ftp-only users. Do you know how ?
You create the link ftponly:
ln -s /bin/ftponly /bin/false
You add
ln -s /bin/ftponly /bin/false
Wow, it's quite late in Europe. It's better like that:
ln -s /bin/false /bin/ftponly
JM
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Wed, Jun 27, 2001 at 03:36:27AM +0200, Jean-Marc Boursot wrote:
ln -s /bin/ftponly /bin/false
Wow, it's quite late in Europe. It's better like that:
ln -s /bin/false /bin/ftponly
Perhaps a silly question, but why not just set the shell to /bin/false?
-B
--
Brandon High
Hi,
I use proftpd to allow users to connect to my server via ftp. I've declared a
new user on my server, and set its home directory to /home/newuser. But in
this case, I have a security problem : when connected, the root directory for
ftp is still :/home/newuser; so he can access the tree
Look up the DefaultRoot directive in the proftpd documentation.
-hpknight
On Tue, 26 Jun 2001, Luc MAIGNAN wrote:
Hi,
I use proftpd to allow users to connect to my server via ftp. I've declared a
new user on my server, and set its home directory to /home/newuser. But in
this case, I
Just add
DefaultRoot ~
to the proftpd.conf
In this case it does not matter if your
user has a shell or not!
But better create ftp-users with no shell!
Regards,
Martin
On 26-Jun-2001 Luc MAIGNAN wrote:
Hi,
I use proftpd to allow users to connect to my server via ftp. I've
How can I create a ftp-user ?
I know that the /bin/false shell is for non-shell users but I don't know how to
create a mail-only or ftp-only users.
Do you know how ?
( sorry for my English )
--
yoros
pgpsjwAWT8gnH.pgp
Description: PGP signature
On Tuesday 26 June 2001 22:38, [EMAIL PROTECTED] wrote:
How can I create a ftp-user ?
I know that the /bin/false shell is for non-shell users but I don't
know how to create a mail-only or ftp-only users. Do you know how ?
You create the link ftponly:
ln -s /bin/ftponly /bin/false
You add
ln -s /bin/ftponly /bin/false
Wow, it's quite late in Europe. It's better like that:
ln -s /bin/false /bin/ftponly
JM
On Wed, Jun 27, 2001 at 03:36:27AM +0200, Jean-Marc Boursot wrote:
ln -s /bin/ftponly /bin/false
Wow, it's quite late in Europe. It's better like that:
ln -s /bin/false /bin/ftponly
Perhaps a silly question, but why not just set the shell to /bin/false?
-B
--
Brandon High
Look up the DefaultRoot directive in the proftpd documentation.
-hpknight
On Tue, 26 Jun 2001, Luc MAIGNAN wrote:
Hi,
I use proftpd to allow users to connect to my server via ftp. I've declared a
new user on my server, and set its home directory to /home/newuser. But in
this case, I
36 matches
Mail list logo
