|
|
Sponsored Content
Operating Systems
Solaris
RBAC with ftp/sftp using proftpd
Post 302604987 by bartus11 on Tuesday 6th of March 2012 11:51:06 AM
03-06-2012
|
|
10 More Discussions You Might Find Interesting
1. Cybersecurity
Hi,
I'm being told that I have to start using SFTP from my server (HPUX 11i), so heres a few questions;
What are the differences between FTP and SFTP? What differences in congiuration can I expect? Are there any changes in command usage? I did see an earlier thread with command issues. A few... (3 Replies)
Discussion started by: nhatch
3 Replies
2. UNIX for Advanced & Expert Users
First off I did try google for help on this topic, didn't really find anything.
When I try to ftp from my SCO Unix box (SCO_SV servername 3.2 5.0.5 i386) to a proFTPD server within my company I get this error
Connected to 10.?.?.?.
220 ProFTPD Server ftp.hostname.com
Name (10.?.?.?:root):... (1 Reply)
Discussion started by: whegra
1 Replies
3. UNIX for Advanced & Expert Users
Hi,
I am in the process of migrating all my FTP data flows into SFTP to make data more secure...
I have used many quote site commands in our FTP sesssion.
In SFTP i found that there is no option to do such commands.
Does any body here know to overcome the current situation.
Regards,... (2 Replies)
Discussion started by: Astra
2 Replies
4. Shell Programming and Scripting
Hi all, below is my current scriptftp -n << FTPCTRL
open $my_ip
user $my_user $my_pass
ascii
prompt off
lcd $myDIR
cd $ftp_cd
$OPS $myfile
FTPCTRLI'd like to amend it to sftp mode. Please advise the correct step.I consulted the man pages of sftp and I suppose I should be using the... (1 Reply)
Discussion started by: new2ss
1 Replies
5. UNIX for Dummies Questions & Answers
Good morning all,
I require some help regarding an FTP server i am building.
Basically i have around 20 users all sending a receiving files to and from my FTP server but would like all traffic to be secure. I want to ensure users connect via SFTP only and are denied via FTP.
Im using... (1 Reply)
Discussion started by: mokachoka
1 Replies
6. Shell Programming and Scripting
Somebody made a policy that 'we use sftp now instead of ftp'. I have recommended we use scp because I can't for the life of me think of a *good* reason to use sftp and not scp. But most of what I do is stupid stuff without a good reason. I get judged on how much I can just say yes, no matter how... (1 Reply)
Discussion started by: CodeMonkey76
1 Replies
7. Shell Programming and Scripting
Hello,
I'm a UNIX SysAdmin at a large webhosting company and we have a vendor that provides a service which involves the ftp'ing of files from their servers to ours. They initiate FTP using a perl script with NET::FTP.
When they try to transfer files (and delete files over ftp), there is... (3 Replies)
Discussion started by: tmmgeekette
3 Replies
8. Solaris
I am not very familiar with the use of FTP, and trying to run it I found out that standard "ftp" is not working" but "sftp" is.
If sftp is allowed will that block ftp ? and if so where is this set ?
I thought there is no relationship, is that right ?
If so look here:
inetadm | grep ftp
enabled... (11 Replies)
Discussion started by: manni2
11 Replies
9. Shell Programming and Scripting
Hi Friends,
I need to make a Unix script, where i need ftp and sftp functionality.
Let me describe in details:
I need to import few files from remote server, now these remote server either support ftp or sftp not both. So i need a script where my script will try to do ftp first and if it... (8 Replies)
Discussion started by: gnnsprapa
8 Replies
10. SCO
i have installed and working FTP Server With SCO 5.05.
But i need solve problem related to config, like proftpd (i not have installed proftpd)
the recomendation on client site is enable port 113 related to inetd. but i need solve it on server side, like proftpd.conf:
DefaultRoot ~... (9 Replies)
Discussion started by: Arcanisgk
9 Replies
LEARN ABOUT OPENSOLARIS
ifdown
NET(8) System Manager's Manual NET(8) NAME
netscript - netscript network configuration command SYNOPSIS
netscript start|stop|reload|restart netscript ifup|ifdown|ifqos|ifreload <interface-name>|all netscript compile [ -fhq ] [ -b max-backup-level ] netscript ipfilter load|clear|fairq|flush|reload|save netscript ipfilter usebackup [ backup-number ] netscript ipfilter exec <function-name1>|<function-name2> [chain p1 p2 ...] netscript ip6filter load|clear|fairq|flush|reload|save netscript ip6filter usebackup [ backup-number ] netscript ip6filter exec <function-name1>|<function-name2> [chain p1 p2 ...] DESCRIPTION
This manual page documents briefly the netscript command from the netscript router/firewall network configuration package. This command is used to configure/reconfigure the interface configuration, ipchains filter setup, and ip route service ( QoS ) setup that are configured in netscript's configuration files. It can manipulate individual interfaces, and reconfigure the iptables filter contents and firewall setup, or reconfigure the QoS setup. It is rather incomplete as it does not describe fully the finely tuned manipulations that happen due to netscript's design which enables a Linux box to serve as a high availability heavy-duty mission-critcial network router or firewall. COMPILE CONFIGURATION MODE
The rules can be compiled and automatically loaded on boot by setting the IPV4_CONFIGURE_SWITCH switch in network.conf(5) to the value of the function used to configure the kernel. Net-compile(8) creates this function as 'Configure'. If this switch is set, the netscript startup will run netscript-compile(8) to make sure everything is up to date and load the rules from /etc/netscript/ipfil- ter-defs.conf, and the relevant settings in network.conf(5) which are used to establish packet grooming and configure the built in ker- nel netfilter INPUT and FORWARD chains in the filter table. If compilation fails, the previous rule set is not replaced and it is used instead. A similar mode exists for IPv6, but it is not fully implemented yet. IPTABLES CONFIGURATION MODE
This configuration mode corresponds to the old method of doing it using iptables-save(8) and iptables-restore(8). This is the default for operation, and occurs if the IPV4_CONFIGURE_SWITCH is not set in network.conf(5). This is the metoh still used by IPv6 as well. OPTIONS
start Set up networking configruation by loading ipcahins filters, setting up bridge, configuring interfaces and running any configured lower layer protocol daemons or commands. For use from a startup script. stop Shut everything down. For use from a startup script. reload Refresh the setup of netscript except for iptables from the configuration files in /etc/netscript restart|force-reload Stop everthing and then start everything again. For use from a startup script. ifup <interface-name>|all Bring interfaces(s) up by starting any protocol daemons, and configuring interfaces. ifdown <interface-name>|all Shutdown said interface(s) by doing reverse of ifdown. ifqos <interface-name>|all Reload QoS configuration for interface(s). ifreload <interface-name>|all Refresh the interface setup and implement any configuration changes. ifreset <interface-name>|all Shutdown and then restart interface(s), reloading configuration from lower layer up to the network layer. compile [ -fhq ] [ -b max-backup-level ] Compile the new definitions in /etc/netscript/ipfilter-defs directory into a new set of functions in the /etc/netscript/ipfilter- defs-compiled.conf file. See the netscript-compile(8) and ipfilter-defs(5) manpages for details. ipfilter load|reload Load/reload the IPv4 iptables filters and reconfigure the firewalling, from that saved in /etc/netscript/iptables (via iptables- restore(8) ), and the QoS fair queuing setup, or by excuting the requisite configuration function from /etc/netscript/ipfilter-defs- compiled.conf if using ipfilter-defs(5) mode. ipfilter save Save the IPv4 iptables configuration to /etc/netscript/iptables via iptables-save(8) , after backing it up to /etc/netscript/ipta- bles.1 and cycling the previous backup files down through the configuration history. This does not work if the IPv6 side of netscript is operating in ipfilter-defs(5) mode. ipfilter usebackup [ backup-number ] Restore setup from the IPv4 iptables backup configuration from /etc/netscript/iptables.n ( default 1 ) via iptables-restore(8), or if the ipfilter-defs(5) backend is used, the requisite backup number from the /etc/netscript/ipfilter-defs.conf history files. ipfilter clear|flush Remove iptables and any firewall setup, and if IPV4_FWDING_KERNEL is set to FILTER_ON (see network.conf(5) ), disables all IPv4 packet forwarding on the router. Very useful for debugging protocol problems on a firewall by enabling a reasonably safe check to be made with the filtering down. ipfilter forward|fwd Turns on the IPv4 kernel forwarding switch manually. This is irrespective of the setting of IPV4_FWDING_KERNEL (see network.conf(5) ). Use with caution as it will allow traffic through the box. ipfilter noforward|nofwd Turns off the IPv4 kernel forwarding switch manually. This is irrespective of the setting of IPV4_FWDING_KERNEL (see net- work.conf(5) ). Use with caution as it will cut off reachability. ipfilter fairq Reload the IPv4 fairq chain that marks the packets for the QoS interface transmit queues. ip6filter load|reload Load/reload the IPv6 iptables filters and reconfigure the firewalling, from that saved in /etc/netscript/ip6tables (via ip6tables-restore(8) ), and the QoS fair queuing setup, or by excuting the requisite configuration function from /etc/netscript/ipfilter-defs-compiled.conf if using ipfilter-defs(5) mode. ip6filter save Save the IPv6 iptables configuration to /etc/netscript/iptables via ip6tables-save(8) , after backing it up to /etc/netscript/ip6tables.1 and cycling the previous backup files down through the configuration history. This does not work if the IPv6 side of netscript is operating in ipfilter-defs(5) mode. ip6filter usebackup [ backup-number ] Restore setup from the IPv6 iptables backup configuration from /etc/netscript/ip6tables.n ( default 1 ) via ip6tables-restore(8), or if the ipfilter-defs(5) backend is used, the requisite backup number from the /etc/netscript/ipfilter-defs.conf history files. ip6filter clear|flush Remove IPv6 iptables setup, and if IPV6_FWDING_KERNEL is set to FILTER_ON (see network.conf(5) ), disables all IPv6 packet forward- ing on the router. Very useful for debugging protocol problems on a firewall by enabling a reasonably safe check to be made with the filtering down. ip6filter forward|fwd Turns on the IPv6 kernel forwarding switch manually. This is irrespective of the setting of IPV6_FWDING_KERNEL (see network.conf(5) ). Use with caution as it will allow traffic through the box. ip6filter noforward|nofwd Turns off the IPv6 kernel forwarding switch manually. This is irrespective of the setting of IPV6_FWDING_KERNEL (see net- work.conf(5) ). Use with caution as it will affect reachability. ip6filter fairq Reload the IPv6 fairq chain that marks the packets for the QoS interface transmit queues. FILES
/etc/netscript/if.conf, /etc/netscript/ipfilter.conf, /etc/netscript/network.conf, /etc/netscript/qos.conf, /etc/netscript/ipfilter-defs.conf, /etc/netscript/ipfilter-defs-compiled.conf, /etc/netscript/ipfilter-defs directory, /etc/netscript/iptables, /etc/netscript/ip6tables, /etc/netscript/ipfilter-defs-compiled SEE ALSO
netscript-compile(8), ipfilter-defs(5), if.conf(5), ipfilter.conf(5), network.conf(5), qos.conf(5), ip(8), tc(8), iptables(8), iptables- restore(8), iptables-save(8), ip6tables(8), ip6tables-restore(8), ip6tables-save(8), brcfg(8). AUTHOR
This manual page was written by Matthew Grant <grantma@anathoth.gen.nz>, for the Debian GNU/Linux system (but may be used by others). BUGS
I wrote this manpage when I was half asleep... January 24, 2003 NET(8)