[lug] LAMP FTP setup

karl horlen horlenkarl at yahoo.com
Wed Jun 6 18:17:39 MDT 2007


> As has been beaten to death here, FTP is brain dead.

well i probably should have been more clear.. i was
referring to a more secure ftp like sftp, etc.  and if
the question i asked has been beaten to death here, i
shure couldn't find it searching google using
site:lug.boulder.co.us

> There are plenty of 
> free SSH clients, including Windows ones. Make them
> use SSH.

well. as another poster stated, my users are not that
sophisticated.  they want to be able to use something
like filezilla etc that allows them to drag / drop a
folder from a win hd to linux server.  i'm not sure i
want to teach them how to use it if they don't need
to.

fwiw, i'm still confused how straight ssh really
solves the problem (barring your solution below). 
once logged in via ssh, end user then has to learn how
to use scp.  on a windows box, the directory
structures are often long, convoluted and have
embedded spaces which makes finding the path you want
or typing in any kind of path in a copy command
prohibitive even for an experienced user.  

is there some other way one cp's files from a remote
system to a local window's box using something like
putty on win that is easier than what i've described
above?

> Create a file named sftponly in the /bin directory
> and put this script 
> in it. Finally, add sftponly to /etc/shells and make
> it their shell. 
> This will prevent the users from using interactive
> SSH

i must say i don't understand your script but i do
understand the principle behind it and your solution
seems rather elegant and locked down at the same time
without requiring another db table

thanks
> 
> #!/bin/sh
> 
> #
> # sftponly shell
> #
> 
> # Shell arguments must be -c
> /opt/ssh/libexec/sftp-server echo $1 >> 
> /tmp/ftponly.log
> 
> if [ "$1" != "-c" ] || [ "$2"
> !="/usr/lib/ssh/sftp-server" ]; then
>     logger authpriv.warning "SSHD: interactive login
> attempted by $USER"
>     echo "Error: sftpshell only runs the sftp-server
> program."
>     exit 1
> fi
> 
> shift 2
> /usr/lib/ssh/sftp-server $*
> 



       
____________________________________________________________________________________
Building a website is a piece of cake. Yahoo! Small Business gives you all the tools to get online.
http://smallbusiness.yahoo.com/webhosting 



More information about the LUG mailing list