[nycbug-talk] ftp client....

pete wright pete
Tue Jun 1 22:41:48 EDT 2004


On Jun 1, 2004, at 8:21 PM, George Georgalis wrote:

> On Tue, May 25, 2004 at 06:00:47AM -0400, Isaac Levy wrote:
>>
>>
>> but for plain ol' FTP, (eeeek!):
>>
>> Dedicated Client Software:
>> The Mac Finder:
>> all drag-n-drop n' such...
>> From the finder, Controll-K, and then enter the ftp server url...
>> (noteworthy, this works great across an SSH tunnel for when you
>> actually encounter some FTP resource in the wild...)
>> You can also flip the passive/active switch in the system preferences,
>> Network Pane, in the 'Proxies' tab for a given interface.
>>
>
>
> I got a chance to try this out, first hand, today. Humm, it didn't work
> though. I found the passive/active switch too (by the way, that means
> an unpredictable port vs port 20 for ftp-data, right? Maybe I'm spoiled
> with iptables connection tracking...).  I even tried explicitly stating
> the protocol and ip, no go.
>
> I was able to use command line 'ftp' with tar to circumvent free
> webmail storage limitations ;-) ...all the more reason the above ctrl-k
> procedure not working is a big mystery. Oh, maybe I need ~ftp/lib/ and
> ~ftp/bin/ files?  My anon ftp doesn't have any...
>
>
> On the near horizon is another unrelated problem I need to work out,
> give _virtual_ users ftp/scp/rsync-ssh access to _their_ and only
> _their_ public html docs directories. I saved this shell from a while
> back:
>

i've just implemented proftpd authenticating via MySQL.  the accounts  
are managed via a web gui.  works pretty well, and each ftp user is  
chroot'd.  i am not sure about ssh utils, altho i'm sure you can have  
fun with PAM etc...

-p

> http://www.panix.com/~atlunde/software/restricted-shell/rsync- 
> restricted-shell
>
> I've not completely got my head around that one, it may do, but I would
> prefer not using system accounts, even if they are restricted, and I
> don't want one user to be able to cd to another's 'public' html, and
> read htaccess protected files for example.
>
> I'm thinking djb's checkpassword to chroot to the users's dir for a
> ftp/scp/rsync-ssh restricted shell (yes I need to enable ftp auth,
> securely) could do it, with everything in a cdb. But I'd like to get
> something acceptable (ftp) in place soon. :-} Any ideas?
>
> // George
>
>
>
> -- 
> George Georgalis, Architect and administrator, Linux services. IXOYE
> http://galis.org/george/  cell:646-331-2027  mailto:george at galis.org
> Key fingerprint = 5415 2738 61CF 6AE1 E9A7  9EF0 0186 503B 9831 1631
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk





More information about the talk mailing list