Something just doesn't sound right. I would think that ProFTPD is doing
FTP over SSL, not SSH's sftp.
-- Puryear Information Technology, LLC Baton Rouge, LA * 225-706-8414 http://www.puryear-it.com Author, "Best Practices for Managing Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices Identity Management, LDAP, and Linux Integration John Souvestre wrote: > Hi Dustin. > > SSH's SFTP. From what I gather, ProFTPD uses the OpenSSL/SSH stuff, thus there > needs to be a login shell which allows access to them. Even if you have a shell > which allows access to just them, you still need to CHROOT the shell else the > user can SFTP all over the place. > > John > > John Souvestre - Southern Star & Integrated Data Systems - www.sstar.com > > > > -----Original Message----- > > From: owner-nolug@covington.redfishnetworks.com [mailto:owner- > > nolug@covington.redfishnetworks.com] On Behalf Of Dustin Puryear > > Sent: Tuesday, October 09, 2007 9:00 AM > > To: nolug@nolug.org > > Subject: Re: [Nolug] ProFTPD help > > > > No, I think you can do it. First, to clarify, do you mean FTP over SSL > > or SSH's sftp? > > > > If you mean SSH's sftp, then I believe you can modify > > ~/.ssh/authorized_keys to specify the exact command a user with a given > > public key can use. This should allow you to restrict them to only sftp. > > > > I'm sure there are other tricks. So, if you don't want to require the > > use of keys, then I'm sure a little login trickery could be done. > > > > -- > > Puryear Information Technology, LLC > > Baton Rouge, LA * 225-706-8414 > > http://www.puryear-it.com > > > > Author, "Best Practices for Managing Linux and UNIX Servers" > > http://www.puryear-it.com/pubs/linux-unix-best-practices > > > > Identity Management, LDAP, and Linux Integration > > > > > > John Souvestre wrote: > > > Hi Dustin. > > > > > > Yep. :) > > > > > > About the only thing I wasn't able to accomplish was to support SFTP. From > > what > > > I gather the user needs shell access to accomplish this. But we don't want > > to > > > give them shell access, just FTP. > > > > > > I did read about some commercial solutions (ssh2, WS-FTP server w/ ssh) but > > they > > > cost more than we would like. Rssh is an option in those cases where the > > > customer really needs it, but it is a bit messy. > > > > > > Oh well, you can't have everything! :) > > > > > > John > > > > > > John Souvestre - Southern Star & Integrated Data Systems - > > www.sstar.com > > > > > > > > > > -----Original Message----- > > > > From: owner-nolug@covington.redfishnetworks.com [mailto:owner- > > > > nolug@covington.redfishnetworks.com] On Behalf Of Dustin Puryear > > > > Sent: Tuesday, October 09, 2007 8:34 AM > > > > To: nolug@nolug.org > > > > Subject: Re: [Nolug] ProFTPD help > > > > > > > > No problem. Glad you got it resolved. So what was the problem? :) > > > > > > > > -- > > > > Puryear Information Technology, LLC > > > > Baton Rouge, LA * 225-706-8414 > > > > http://www.puryear-it.com > > > > > > > > Author, "Best Practices for Managing Linux and UNIX Servers" > > > > http://www.puryear-it.com/pubs/linux-unix-best-practices > > > > > > > > Identity Management, LDAP, and Linux Integration > > > > > > > > > > > > John Souvestre wrote: > > > > > Hi Dustin. > > > > > > > > > > Yes, I've pretty well got it worked out. Thanks! > > > > > > > > > > John > > > > > > > > > > John Souvestre - Southern Star & Integrated Data Systems - > > > > www.sstar.com > > > > > > > > > > > -----Original Message----- > > > > > > From: owner-nolug@covington.redfishnetworks.com [mailto:owner- > > > > > > nolug@covington.redfishnetworks.com] On Behalf Of Dustin Puryear > > > > > > Sent: Monday, October 08, 2007 9:02 PM > > > > > > To: nolug@nolug.org > > > > > > Subject: Re: [Nolug] ProFTPD help > > > > > > > > > > > > Hi John. I'll be sure to give you a ring tomorrow, but it's a tad > > late > > > > > > to do so now. Did you get this resolved? > > > > > > > > > > > > -- > > > > > > Puryear Information Technology, LLC > > > > > > Baton Rouge, LA * 225-706-8414 > > > > > > http://www.puryear-it.com > > > > > > > > > > > > Author, "Best Practices for Managing Linux and UNIX Servers" > > > > > > http://www.puryear-it.com/pubs/linux-unix-best-practices > > > > > > > > > > > > Identity Management, LDAP, and Linux Integration > > > > > > > > > > > > > > > > > > John Souvestre wrote: > > > > > > > Hi all. > > > > > > > > > > > > > > I'm having some trouble getting ProFTPD setup the way I need it. > > > > Since I > > > > > > have a > > > > > > > customer pushing me to get it done, and I don't have the time to > > > > research > > > > > > it > > > > > > > properly, I'm interested in paying for some consulting time if > > there > > > > is > > > > > > anyone > > > > > > > who could assist me. > > > > > > > > > > > > > > I need help getting file and directory permissions set correctly, > > > > setting > > > > > > > different options (overwrite, read, etc...) for different users, > > SFTP > > > > with > > > > > > no > > > > > > > shell access, and a few other things. > > > > > > > > > > > > > > If you can help please give me a call at 504-258-6247 (cell). > > > > > > > > > > > > > > Thanks! > > > > > > > > > > > > > > John > > > > > > > > > > > > > > John Souvestre - Southern Star & Integrated Data Systems - > > > > > > www.sstar.com > > > > > > > > > > > > > > > > > > > > > > > > > > > > ___________________ > > > > > > > Nolug mailing list > > > > > > > nolug@nolug.org > > > > > > ___________________ > > > > > > Nolug mailing list > > > > > > nolug@nolug.org > > > > > > > > > > ___________________ > > > > > Nolug mailing list > > > > > nolug@nolug.org > > > > ___________________ > > > > Nolug mailing list > > > > nolug@nolug.org > > > > > > ___________________ > > > Nolug mailing list > > > nolug@nolug.org > > ___________________ > > Nolug mailing list > > nolug@nolug.org > > ___________________ > Nolug mailing list > nolug@nolug.org ___________________ Nolug mailing list nolug@nolug.orgReceived on 10/09/07
This archive was generated by hypermail 2.2.0 : 12/19/08 EST