[nycbug-talk] ftp client....

George Georgalis george
Tue Jun 1 20:21:51 EDT 2004

On Tue, May 25, 2004 at 06:00:47AM -0400, Isaac Levy wrote:
>but for plain ol' FTP, (eeeek!):
>Dedicated Client Software:
>The Mac Finder:
>all drag-n-drop n' such...
>From the finder, Controll-K, and then enter the ftp server url...
>(noteworthy, this works great across an SSH tunnel for when you 
>actually encounter some FTP resource in the wild...)
>You can also flip the passive/active switch in the system preferences, 
>Network Pane, in the 'Proxies' tab for a given interface.

I got a chance to try this out, first hand, today. Humm, it didn't work
though. I found the passive/active switch too (by the way, that means
an unpredictable port vs port 20 for ftp-data, right? Maybe I'm spoiled
with iptables connection tracking...).  I even tried explicitly stating
the protocol and ip, no go.

I was able to use command line 'ftp' with tar to circumvent free
webmail storage limitations ;-) ...all the more reason the above ctrl-k
procedure not working is a big mystery. Oh, maybe I need ~ftp/lib/ and
~ftp/bin/ files?  My anon ftp doesn't have any...

On the near horizon is another unrelated problem I need to work out,
give _virtual_ users ftp/scp/rsync-ssh access to _their_ and only
_their_ public html docs directories. I saved this shell from a while


I've not completely got my head around that one, it may do, but I would
prefer not using system accounts, even if they are restricted, and I
don't want one user to be able to cd to another's 'public' html, and
read htaccess protected files for example.

I'm thinking djb's checkpassword to chroot to the users's dir for a
ftp/scp/rsync-ssh restricted shell (yes I need to enable ftp auth,
securely) could do it, with everything in a cdb. But I'd like to get
something acceptable (ftp) in place soon. :-} Any ideas?

// George

George Georgalis, Architect and administrator, Linux services. IXOYE
http://galis.org/george/  cell:646-331-2027  mailto:george at galis.org
Key fingerprint = 5415 2738 61CF 6AE1 E9A7  9EF0 0186 503B 9831 1631

More information about the talk mailing list