Re: [Nolug] ProFTPD help

From: Dustin Puryear <dustin_at_puryear-it.com>
Date: Tue, 09 Oct 2007 08:59:57 -0500
Message-ID: <470B895D.8010703@puryear-it.com>

No, I think you can do it. First, to clarify, do you mean FTP over SSL
or SSH's sftp?

If you mean SSH's sftp, then I believe you can modify
~/.ssh/authorized_keys to specify the exact command a user with a given
public key can use. This should allow you to restrict them to only sftp.

I'm sure there are other tricks. So, if you don't want to require the
use of keys, then I'm sure a little login trickery could be done.

--
Puryear Information Technology, LLC
Baton Rouge, LA * 225-706-8414
http://www.puryear-it.com
Author, "Best Practices for Managing Linux and UNIX Servers"
  http://www.puryear-it.com/pubs/linux-unix-best-practices
Identity Management, LDAP, and Linux Integration
John Souvestre wrote:
> Hi Dustin.
> 
> Yep.  :)
> 
> About the only thing I wasn't able to accomplish was to support SFTP.  From what
> I gather the user needs shell access to accomplish this.  But we don't want to
> give them shell access, just FTP.
> 
> I did read about some commercial solutions (ssh2, WS-FTP server w/ ssh) but they
> cost more than we would like.  Rssh is an option in those cases where the
> customer really needs it, but it is a bit messy.
> 
> Oh well, you can't have everything!  :)
> 
> John
> 
>     John Souvestre - Southern Star & Integrated Data Systems - www.sstar.com
> 
> 
>  > -----Original Message-----
>  > From: owner-nolug@covington.redfishnetworks.com [mailto:owner-
>  > nolug@covington.redfishnetworks.com] On Behalf Of Dustin Puryear
>  > Sent: Tuesday, October 09, 2007 8:34 AM
>  > To: nolug@nolug.org
>  > Subject: Re: [Nolug] ProFTPD help
>  > 
>  > No problem. Glad you got it resolved. So what was the problem? :)
>  > 
>  > --
>  > Puryear Information Technology, LLC
>  > Baton Rouge, LA * 225-706-8414
>  > http://www.puryear-it.com
>  > 
>  > Author, "Best Practices for Managing Linux and UNIX Servers"
>  >   http://www.puryear-it.com/pubs/linux-unix-best-practices
>  > 
>  > Identity Management, LDAP, and Linux Integration
>  > 
>  > 
>  > John Souvestre wrote:
>  > > Hi Dustin.
>  > >
>  > > Yes, I've pretty well got it worked out.  Thanks!
>  > >
>  > > John
>  > >
>  > >     John Souvestre - Southern Star & Integrated Data Systems -
>  > www.sstar.com
>  > >
>  > >  > -----Original Message-----
>  > >  > From: owner-nolug@covington.redfishnetworks.com [mailto:owner-
>  > >  > nolug@covington.redfishnetworks.com] On Behalf Of Dustin Puryear
>  > >  > Sent: Monday, October 08, 2007 9:02 PM
>  > >  > To: nolug@nolug.org
>  > >  > Subject: Re: [Nolug] ProFTPD help
>  > >  >
>  > >  > Hi John. I'll be sure to give you a ring tomorrow, but it's a tad late
>  > >  > to do so now. Did you get this resolved?
>  > >  >
>  > >  > --
>  > >  > Puryear Information Technology, LLC
>  > >  > Baton Rouge, LA * 225-706-8414
>  > >  > http://www.puryear-it.com
>  > >  >
>  > >  > Author, "Best Practices for Managing Linux and UNIX Servers"
>  > >  >   http://www.puryear-it.com/pubs/linux-unix-best-practices
>  > >  >
>  > >  > Identity Management, LDAP, and Linux Integration
>  > >  >
>  > >  >
>  > >  > John Souvestre wrote:
>  > >  > > Hi all.
>  > >  > >
>  > >  > > I'm having some trouble getting ProFTPD setup the way I need it.
>  > Since I
>  > >  > have a
>  > >  > > customer pushing me to get it done, and I don't have the time to
>  > research
>  > >  > it
>  > >  > > properly, I'm interested in paying for some consulting time if there
>  > is
>  > >  > anyone
>  > >  > > who could assist me.
>  > >  > >
>  > >  > > I need help getting file and directory permissions set correctly,
>  > setting
>  > >  > > different options (overwrite, read, etc...) for different users, SFTP
>  > with
>  > >  > no
>  > >  > > shell access, and a few other things.
>  > >  > >
>  > >  > > If you can help please give me a call at 504-258-6247 (cell).
>  > >  > >
>  > >  > > Thanks!
>  > >  > >
>  > >  > > John
>  > >  > >
>  > >  > >     John Souvestre - Southern Star & Integrated Data Systems -
>  > >  > www.sstar.com
>  > >  > >
>  > >  > >
>  > >  > >
>  > >  > > ___________________
>  > >  > > Nolug mailing list
>  > >  > > nolug@nolug.org
>  > >  > ___________________
>  > >  > Nolug mailing list
>  > >  > nolug@nolug.org
>  > >
>  > > ___________________
>  > > Nolug mailing list
>  > > nolug@nolug.org
>  > ___________________
>  > Nolug mailing list
>  > nolug@nolug.org
> 
> ___________________
> Nolug mailing list
> nolug@nolug.org
___________________
Nolug mailing list
nolug@nolug.org
Received on 10/09/07

This archive was generated by hypermail 2.2.0 : 12/19/08 EST