Secure ftp access to outside chroot Post: 302395509

Sponsored Content

Operating Systems Linux Debian Secure ftp access to outside chroot Post 302395509 by chipmunken on Wednesday 17th of February 2010 07:23:30 AM

02-17-2010

Registered User

Secure ftp access to outside chroot

I want to setup ftp on my home server running debian 5.0
I found this guide and have read it carefully.
Virtual Hosting With PureFTPd And MySQL (Incl. Quota And Bandwidth Management) On Debian Lenny | HowtoForge - Linux Howtos and Tutorials

Before I install/config it I want to know if its possible to.
Give my dad access to some files located under /mnt/lager/
Without giving him read or write access to the hole system.

If I jail system users to home directory's I cant symlink to /mnt/lager
Is there any way of doing this. I thought with virtual pureftp users this is configurable. I cant find anything in there about it.

Any tips or ideas before I start experimenting.

---------- Post updated at 10:46 ---------- Previous update was at 09:39 ----------

Think I found a solution.

I will post here if it works.

---------- Post updated 17th Feb 2010 at 07:23 ---------- Previous update was 16th Feb 2010 at 10:46 ----------

Well I solved my issue now.
I have jailed a pure ftp user to his home folder and I have mount bound a folder to his home folder and he only has read access there.

mount --bind /mnt/lager/stuff /home/fred/stuff

and under /mnt/lager/stuff the ftp user fred only has read privileges

chipmunken

View Public Profile for chipmunken

Find all posts by chipmunken

9 More Discussions You Might Find Interesting

1. HP-UX

ftp to secure server

How to ftp file to secure server. Can somebody pls guide.

2. Solaris

Secure FTP Problem using Sun SSH on Client system F-Secure on Server system

I am using shell script to do secure ftp. I have done key file setup to do password less authentication. Following are the FTP Details: FTP Client has Sun SSH. FTP Server has F-Secure. I am using SCP Command to do secure copy files. When I am doing this, I am getting the foll error scp:...

3. Solaris

secure access using sudo

I just need to know what should be done on a login user so that no one can access it except through sudo i.e. telnet server login: user NO ACCESS telnet server login: mylogin sudo - user <any command> ACCESS GRANTED thanks

4. UNIX for Advanced & Expert Users

Setup Secure FTP

Hi All, Please help me to setup the secure Ftp. I want to build a ftp which should ask the Login id and password, and one thing more a particular login should be enable to read/write only his/her directory i.e,s a user should not be able to open the other directories in the ftp.Please help me...

5. AIX

How to secure ftp in AIX

Hi, the default ftp that comes with AIX5L is not secured as far as i know. How to install and use the secured FTP in AIX? Linux these days uses vsftpd daemon(very secured FTP daemon) is there VSFTPD for AIX? if there is any where can i download it from? thanks and regards Pchangba

6. UNIX for Advanced & Expert Users

chroot openssh access www folder

here is the setup<br/> sshd_config: <pre> Match User sftp ChrootDirectory /chroot/sftp </pre> I connect just fine to the folder <pre>/chroot/sftp</pre> However I cannot access the website developer folder due to it being outside the scope of the defined chrootdirectory...

7. Cybersecurity

WebApp secure access to protected files/programs

Hello, I'm working on an embedded linux project that provides a devices that uses an IPSec VPN (using racoon) to connect back to base. The device also hosts a WebApp that allows admin users to change many aspect of the networking setup, including things like the VPN pre-shared-key, IP addresses...

8. AIX

openssh chroot facility and directory access

Good day. I currently have a request to have sftp access to a specific directory for a user(s). They can have access to that folder only, and nothing below it. Now here is the gotcha that seems to be catching me. The folder they need access to is NOT owned by root, and most of the parent...

9. Red Hat

Fedora-Kickstart, chroot cannot access to files been copied inside during %post -nochroot

Heyas I did try with several paths, and it ran several times, so i'm tired of rebuilt it (takes 30min and laptop is up to 90+C on cpu temp) just to see an empty skeleton dir. I once had the kickstart files in the root dir, but somehow the files retrieved from git, seem to be missing. Had...

LEARN ABOUT FREEBSD

mksnap_ffs

MKSNAP_FFS(8)						    BSD System Manager's Manual 					     MKSNAP_FFS(8)

NAME

     mksnap_ffs -- take a file system snapshot

SYNOPSIS

     mksnap_ffs snapshot_name

DESCRIPTION

     The mksnap_ffs utility creates a snapshot named snapshot_name.

     The group ownership of the file is set to ``operator''; the owner of the file remains ``root''.  The mode of the snapshot is set to be read-
     able by the owner or members of the ``operator'' group.

EXAMPLES

     Create a snapshot of /usr/home file system and mount the snapshot elsewhere:

	   mksnap_ffs /usr/home/snapshot
	   mdconfig -a -t vnode -o readonly -f /usr/home/snapshot
	   mount -o ro /dev/md0 /mnt/

SEE ALSO

     chmod(2), chown(8), mdconfig(8), mount(8)

HISTORY

     The mksnap_ffs utility first appeared in FreeBSD 5.0.

CAVEATS

     The disk full situation is not handled gracefully and may lead to a system panic when no free blocks are found.

     Every filesystem can have only up to 20 active snapshots.	When this limit is reached, attempting to create more snapshots fails with ENOSPC,
     and mksnap_ffs reports that it is ``out of space''.

BSD
								 February 14, 2011							       BSD