Does anyone know on the topic of ftp security, how we can limit the ftp user that log's in to stay in the home dir you assign them, and not be able to move up the directory tree ?
----- Original Message ----- From: "Nate Amsden" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <debian-user@lists.debian.org> Sent: Tuesday, October 24, 2000 1:09 PM Subject: Re: adding ftp user > William Jensen wrote: > > > > I've just installed ftpd from the stable potato packages. Anonymous ftp > > cannot log in because ftp user does not exist. I've setup a chroot jail > > in /home/ftp. What's the best way to add user ftp in a security conscious > > way. I tried useradd ftp, then in /etc/passwd I changed it's shell to > > /bin/false. Anything else I should be aware of? > > > > I'd use scp but work's firewall has the port blocked and I'm not particularly > > excited about sending my username and password for my "normal" account login so > > I decided to go the anonymous way. > > > > Bill > > you can change the port for ssh/scp see the manpage .. as for ftp > ..thats probably fine ..id be more concerned about the ftpd your using > if your using 'ftpd' thats good i wouldn't use proftpd or wu-ftpd > though(if your security councious(sp)) > > nate > > -- > ::: > ICQ: 75132336 > http://www.aphroland.org/ > http://www.linuxpowered.net/ > [EMAIL PROTECTED] > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null >
