| View previous topic :: View next topic |
| Author |
Message |
eltech
Guru
Joined: 05 Nov 2002
Posts: 582
Location: New York
|
 Posted: Thu May 06, 2004 7:54 pm Post subject: proftpd config file |
 |
|
I have seen a few here on the forums, but i'd like to see a config file that allows multiple users: ex. user1, user2, blah .. blah access to one directory ..
not all users are users on box, most actually arent .. ..
i am coming from glftpd .. and because ipcop has caused glftpd to function improperly, i have to look at a new ftpd .. i installed proftpd, its works locally as i need, but the configuration is confusing me ...
maybe a look at a few files will help me understand as glftpd's config is way different ..
thanks .. |
|
| Back to top |
|
 |
Thoreau
n00b
Joined: 29 Apr 2004
Posts: 38
|
| Posted: Fri May 07, 2004 2:23 am Post subject: |
|
|
| so you want to create ftp accounts, but not give them accounts on your box? I'm just trying to get a feel for the problem |
|
| Back to top |
|
|
eltech
Guru
Joined: 05 Nov 2002
Posts: 582
Location: New York
|
| Posted: Fri May 07, 2004 2:56 am Post subject: |
|
|
| Thoreau wrote: | | so you want to create ftp accounts, but not give them accounts on your box? I'm just trying to get a feel for the problem |
Well .. not really a problem .. just curious ..
basically .. why should a ftp user have an account on the box? so yea i want to create ftp accounts but not give them accounts on the box...
i dont want any anon access .. and its basically just that .. a ftp .. multiple users can log in and download files .. so ...
joe can log in with his pass
bob can log in with his pass
eltech can log in with his pass ..
none of them are users on the box ..
and they all acess the ftp to download files .. |
|
| Back to top |
|
|
eltech
Guru
Joined: 05 Nov 2002
Posts: 582
Location: New York
|
| Posted: Fri May 07, 2004 4:40 am Post subject: |
|
|
figured out alot .. but a few things ..
- How can i set limits for what user joe and bob can do in /home/ftp
I would like that only joe can upload or download, but bob can do neither |
|
| Back to top |
|
|
eltech
Guru
Joined: 05 Nov 2002
Posts: 582
Location: New York
|
| Posted: Fri May 07, 2004 4:50 am Post subject: |
|
|
ok .. figured that out .. here is what my config looks like so far ..
| Code: |
ServerIdent on "Please enter your username and password. Anonymous logins are disabled.
ServerName EXAMPLE
ServerType standalone
ServerAdmin Private@whatever.net
DeferWelcome on
#ShowDotFiles off
ShowSymlinks on
MultilineRFC2228 on
DefaultServer on
AllowOverwrite on
MaxClients 10
MaxClientsPerHost 1 "You are already logged on once."
RequireValidShell off
DefaultChdir /home/ftp
DefaultRoot /home/ftp
Umask 022
TimeoutNoTransfer 1800
TimeoutStalled 100
TimeoutLogin 60
TimeoutIdle 1200
RootLogin off
UseFtpUsers off
Port 2021
MaxInstances 30
ExtendedLog /var/log/ftp.log auth,all
ListOptions "-l"
DenyFilter \*.*/
# Set the user and group that the server normally runs at.
User proftpd
Group proftpd
# Lock users into the FTP-ROOT directory
DefaultRoot ~
## PUBLIC DIRECTORY /home/ftp ##
<Directory /home/ftp>
HideNoAccess on
<Limit READ WRITE>
DenyAll
AllowUser lenny
</Limit>
AllowAll
</Directory>
|
while this all works ..
seems like i cant FXP .. anyway to make that work?
EDIT: AllowForeignAddress on That fixed it up .. its not like glftpd and its unfortunate that i have to use proftpd, but cant figure out that glftpd problem .. oh well .. thanks all .. |
|
| Back to top |
|
|
To
Veteran
Joined: 12 Apr 2003
Posts: 1145
Location: Coimbra, Portugal
|
| Posted: Fri May 07, 2004 9:37 am Post subject: |
|
|
You can allways give an account to the users and don't give them a shell, that way can only connect via ftp for example. On your passwd:
| Code: | | user-example:x:1000:100::/home/user-example:/bin/bash |
into:
| Code: | | user-example:x:1000:100::/home/user-example:/bin/false |
Tó
_________________
------------------------------------------------
Linux Gandalf 3.2.35-grsec
Gentoo Base System version 2.2
------------------------------------------------ |
|
| Back to top |
|
|
Thoreau
n00b
Joined: 29 Apr 2004
Posts: 38
|
| Posted: Fri May 07, 2004 1:06 pm Post subject: |
|
|
| To wrote: | You can allways give an account to the users and don't give them a shell, that way can only connect via ftp for example. On your passwd:
| Code: | | user-example:x:1000:100::/home/user-example:/bin/bash |
into:
| Code: | | user-example:x:1000:100::/home/user-example:/bin/false |
Tó |
yeah that's how i did mine, i know my users, they're friends of mine that just need a place to put that *cough* data *cough*, |
|
| Back to top |
|
|
eltech
Guru
Joined: 05 Nov 2002
Posts: 582
Location: New York
|
| Posted: Fri May 07, 2004 10:11 pm Post subject: |
|
|
Thanks.. kinda figured it out all .. just VERY different then glftpd and i dont like it at all, but i dont have a choice.. the sfv checker is a problem .. ack .. but here is another question ..
if i have a directory :/home/ftp
set to DenyAll
but i would like the directory: /home/ftp/access
to be read by a certain user, or all .. it doesnt matter |
|
| Back to top |
|
|
Thoreau
n00b
Joined: 29 Apr 2004
Posts: 38
|
| Posted: Tue May 11, 2004 2:04 pm Post subject: |
|
|
| wouldn't the users need access to the main folder (in this case /home/ftp) inorder to gain access to /home/ftp/access? real world model: if i gave some one my room key, but not my front door key, they couldn't get to my room, with out my front door key...yeah? |
|
| Back to top |
|
|
eltech
Guru
Joined: 05 Nov 2002
Posts: 582
Location: New York
|
| Posted: Tue May 11, 2004 3:30 pm Post subject: |
|
|
| Thoreau wrote: | | wouldn't the users need access to the main folder (in this case /home/ftp) inorder to gain access to /home/ftp/access? real world model: if i gave some one my room key, but not my front door key, they couldn't get to my room, with out my front door key...yeah? |
guess you dont get it ..
red what i said ..
| Quote: | if i have a directory :/home/ftp
set to DenyAll
but i would like the directory: /home/ftp/access
to be read by a certain user, or all .. it doesnt matter |
its just that .. i would like no one to have no download abilities in /home/ftp .. but would like them to have the ability to download from /home/ftp/access .. dunno whats so hard to understand ..
its not an abnormal setup as in glftpd its simple, but proftpd is very different .. and i have not seen any example that shows it.. maybe its not possible?
maybe by setting up a vhost? and just set it to the same internal ip.. and specify the directory in question .. ??? dunno ..  |
|
| Back to top |
|
|
|
Networking & Security
