Secure Writeable Restricted VSFTP Site

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: <shrike-list@xxxxxxxxxx>
Subject: Secure Writeable Restricted VSFTP Site
From: "Gavin Mellors - BCX SS" <Gavin.Mellors@xxxxxxxxx>
Date: Mon, 18 Apr 2005 22:33:53 +0200
Reply-to: "Discussion of Red Hat Linux 9 (Shrike)" <shrike-list@xxxxxxxxxx>
Sender: shrike-list-bounces@xxxxxxxxxx
Thread-index: AcVEVe1EvDdb9G2uQVqSH7hdx+nyZw==
Thread-topic: Secure Writeable Restricted VSFTP Site

Hi All

I am trying to setup a secure ftp site using RH9.0, vsftpd and xinetd.

I can ftp in locally (local_enable=YES) but I cannot connect to my site from an external address.

The user accounts have been created on the local machine and I can ftp to my box using both accounts and am able to read,write and delete files. I am unable to move out of the local_root dir as specified in vsftpd.conf file and , anonymous and ftp user access is denied. So all seems well locally.?

(I want to give web developer write access to the web site but restrict access to two specific external IP addresses.

Following contents of my config files.

more /etc/xinetd.d/vsftpd
service ftp
{
        disable                 = no
        socket_type        = stream
        wait                    = no
        user                    = root
        server                 = /usr/sbin/vsftpd
        nice                    = 10
        only_from           = www.xxx.yyy.zzz

log_on_failure += USERID
}

/etc/vsftpd.conf
ftpd_banner=Welcome to the Blah Ftp Server
anonymous_enable=NO
local_enable=YES
hide_ids=YES
write_enable=YES
local_root=/var/www/ //I have added my web developer to the apache group and chown to these files root:apache

pam_service_name=vsftpd // Aaargh!!! I needed to change it to this from pam_service_name=ftp ;)
xferlog_enable=YES
# Security
userlist_enable=YES
userlist_deny=NO

Thanks in advance.

Gavin Mellors

Kind Regards,
Gavin Mellors
Senior Customer Services Engineer KZN
Support Services
Business Connexion (Pty) Ltd

	Office:	+27 (0)39 695 0002
	Mobile:	+27 (0)82 577 8675
	Fax:	+27 (0)39 695 0002
	Email:	gavin.mellors@xxxxxxxxx
	Web Site:	www.bcx.co.za

NOTICES:
1. This message and any attachments are confidential and intended solely for the addressee. If you have received this message in error, please notify the sender at Business Connexion (Pty) Ltd immediately. Any unauthorised use, alteration or dissemination is prohibited.
2. Business Connexion (Pty) Ltd accepts no liability whatsoever for any loss whether it be direct, indirect or consequential, arising from information made available and actions resulting there from.
3. Please note that Business Connexion only binds itself by way of signed agreements. 'Signed' refers to a hand-written signature, excluding any signature appended by 'electronic communication' as defined in the Electronic Communications and Transactions Act, no. 25 of 2002.
4. Directors: P.A. Watt, B. Mophatlane, A.C. Farthing (British), B. Sithole, I. Mophatlane, M.W. Schoeman.
5. Business Connexion (Pty) Ltd Company Registration Number: 1993/003683/07

-- 
Shrike-list mailing list
Shrike-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/shrike-list

Prev by Date: Re: Module symbol - Vo Huynh Vu
Next by Date: Best Book for Newbie - Vo Huynh Vu
Previous by thread: Module symbol - Vo Huynh Vu
Next by thread: RE: Secure Writeable Restricted VSFTP Site
Index(es):
- Date
- Thread

[Fedora Users] [Centos Users] [Kernel Development] [Red Hat Install] [Red Hat Watch] [Red Hat Development] [Red Hat Phoebe Beta] [Yosemite Forum] [Fedora Discussion] [Gimp] [Stuff] [Yosemite News]