Yast FTP Server

I’m not sure what all to put. I’m newish to openSuSE and am having difficulty with the FTP server from the Yast2 configuration menus. I have it all working well with DynDNS and can FTP remotely using my user. It work faster than it ever did in windows. My issue is how do I set up separate FTP user accounts that have limited access to one folder or another in my home directory. I attempted to create a new user in openSuSE and it didn’t allow access to a share mounted in my home folder. I don’t need a full user in my whole system, just to access specific data on the FTP share. Any direction? Thanks

On Wed, 13 Aug 2008 19:06:03 GMT
azelliot246 <azelliot246@no-mx.forums.opensuse.org> wrote:

>
> I’m not sure what all to put. I’m newish to openSuSE and am having
> difficulty with the FTP server from the Yast2 configuration menus. I
> have it all working well with DynDNS and can FTP remotely using my
> user. It work faster than it ever did in windows. My issue is how do I
> set up separate FTP user accounts that have limited access to one
> folder or another in my home directory. I attempted to create a new
> user in openSuSE and it didn’t allow access to a share mounted in my
> home folder. I don’t need a full user in my whole system, just to
> access specific data on the FTP share. Any direction? Thanks
>
>

Which ftp server are you using? pure-ftpd or vsftpd?

Hmm, I installed yast2-ftp-server, and pure-ftpd. Let’s see…

Using Yast FTP-Server setup module, nothing about virtual users found.

Installing vsftpd…

Using Yast FTP-Server setup module, nothing about virtual users found either.

Installing system-config-vsftpd

Nothing about virtual users.

Even checked proftpd, no virtual user support there either. I guess either
the user exists, or he doesn’t!

If you create a new user on your system, and make their default shell
‘/bin/true’, they will not be able to log in, but can access the system through ftp.

Not exactly optimal, but workable.

Giving those users access to data in your own home subdir can create some
issues with permissions and ownership. You could symlink their home
directories into subdirs in your home. (Not advisable, but doable)

I would not recommend putting an ftp server on the web… it attracts
script-kiddies like ants with sugar. They all have to try cracking the
password for ‘Administrator’.

Also, ftp is completely insecure. No encryption… which means your linux
account password is transmitted in the clear when you ftp in remotely.

Alternatives include scp, sftp and rsync. Google can help. But windows
doesn’t support those file transfer protocols by default.

If you were to open a port for ssh logins to your linux box, filezilla
(windows/mac/linux versions available) can log in and transfer files using
the sftp (secure ftp) protocol, which is encrypted and very secure.

Just don’t make your ssh server web accessible on port 22. I typically get
2500-3500 attempts an hour to break in when I set that up here. (can you say
honeypot?) My ‘real’ ssh login port is somewhere else. See the sshd_config
man page.

Loni


L R Nix
lornix@lornix.com