Setting up a FTP server on a old 474mhz box.

[Hydraulix]

Hey everyone,


I was going to use Fedora for this box since it's pretty old. But was unhappy with the way everything was laid out. So I'm going back to my distro of choice. I'm still installing the base system as I type but I have some questions. First let me give you some info about the box....


AMD-K6 3D Processor 474mhz

512MB

20GB drive

Behind a linksys router.

Reiserfs for the filesystem

Very old.

Now this box isn't going to be used all the time. It's just something I created for me and a couple of friends. But it is going to be up 24/7/365. I want to create accounts for my friends and only have them access the /ftpfiles partition. I don't want them to access or read-only the rest of the system. I won't have an anonymous account. And I want to use sftp. Also, I don't want them to be able to delete the files that are on the server. I've read a couple docs and searched around but I'm still trying to find a simple and VERY SECURE way to do this.

I'm just trying to get some ideas here. So my final question is how would you set this box up?
_________________
It is the fate of operating systems to become free.
- Neal Stephenson

[nlindblad]

I'd use openssh's chroot USE-flag, that way you can chroot users into an environment holding the material you want them to fetch mounted read-only.

Also, I'd set up a restricted shell for those users limiting them to SCP only.
_________________
Please provide detailed tracebacks and your emerge --info when posting compile errors.
Add [SOLVED] to the thread's topic if you feel that your question has been anwered or your problem is solved.

[someguy]

im using proftpd with ip based acl that is built into it

its simple its like ALLOW from ip.add.re.ss ;
deny from all; or some crap like that
_________________
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
while [ 1 ] ; do echo "*" | telnet ip.of.print.er 9100 ; done