PDA

View Full Version : ftp access without creating a full user


gsdali
07-19-2003, 06:13 AM
I want to give people access to my computer for transfering files. I don't want to create full user accounts. Is there a way of giving people a simple log in and password for ftp or sftp only.

Thanks in advance.

Baron Bosse
07-19-2003, 06:37 AM
Sure, just get an FTP server that has its own "virtual" users. I think most of them do in fact. Check on macupdate or versiontracker.

For sftp, I'm not so sure though, as that is SSH and SSH might not be available to anything but real users.

yellow
07-19-2003, 06:42 AM
SFTP does require users and cannot be chrooted, so people can climb out or their home directory, traverse the root directory, and copy any read only material. Why not just create one user that everyone can use to log into upload/download their files? Well, most FTP servers support anonymous login. IMO, you should investigate some alternate FTP binaries than that which comes with OS X.

gsdali
07-19-2003, 09:52 AM
I installed proftpd using fink and webmin to admisnter. Got it working just fine and set up an uploading using. However after sorting everything out and getting it running proftpd stopped running and I can't start it up again. Any ideas what I've done wrong?

breen
07-19-2003, 12:03 PM
Originally posted by yellow
SFTP does require users and cannot be chrooted, so people can climb out or their home directory, traverse the root directory, and copy any read only material. Why not just create one user that everyone can use to log into upload/download their files? Well, most FTP servers support anonymous login. IMO, you should investigate some alternate FTP binaries than that which comes with OS X.
pureftpd is a good package for virtual ftp users.

I'd also take a look at scponly, an alternate 'shell' which allows you to restrict a user to copying files without giving them command execution. According to the homepage (http://www.sublimation.org/scponly/) it supports chroot and sftp.
I've never run it, but I've heard it recommended more than once.

Breen

yellow
07-19-2003, 12:05 PM
Originally posted by breen
I'd also take a look at scponly, an alternate 'shell' which allows you to restrict a user to copying files without giving them command execution. According to the homepage (http://www.sublimation.org/scponly/) it supports chroot and sftp.
I've never run it, but I've heard it recommended more than once.

SWEET! I've been looking for something like this, Thank Breen!