Please help in setting up a Guest ftp on solaris 2.8....
Hi All,
I'm using solaris 2.8, and I want create a new ftp user account, with restricted ftp access to a particuler directory, example: /home/softawre/billing
I already googled, but always falling on other third parties ftp software, like proftpd...., or recommendation to setup anonymous ftp, then create sub loggins, however this doesn't suit me.
Any step by step procedure, would be highly appreciated
Thanks for your help
Premium
[472 byte] By [
Premium] at [2007-11-26 9:49:29]
# 1
Well, if you set up a normal user account, it will have access right to its own home directory by default. Normally you will put a password on this account. This account will have ssh, telnet, etc access also, however.
Most people install a chrooted guest account for ftp access to do this kind of thing.
>>> I already googled, but always falling on other third parties ftp software, like proftpd...., or recommendation to setup anonymous ftp, then create sub loggins, however this doesn't suit me
Well, I'n not sure what would suit you instead, since you didn;t say, but by RTFM and using your brain, you should be able to figure it out. The steps for setting up a chrooted Solaris ftpd will be nearly identical for any application. Unless you have SOME system administration experience, you may find it difficult. YOu need to understand how chroot and shared libraries work.
I googled myself and found lots of references, especially to wu-ftpd which is "better" than the solaris ftpd anyway:
http://www.google.com/search?hl=en&lr=&q=howto+setup+solaris+chroot+ftp &btnG=Search
You can download wuftpd from Sunfreeware.com or build it easily.
# 2
What I'm looking for is just a procedure to Set up a Guest FTP User for Solaris 2.8, similar to the one that do exist for Solaris 10. http://docs.sun.com/app/docs/doc/816-4555/6maoquing?a=view
# 3
I don't know about the FTP server that Solaris shipped with, since one of the first things I do to a fresh build is dump the bundled FTP server and install a third party FTP server.
I generally stick to vsftpd or ncftpd. Both let you do what you want and both are very secure.
The downside to vsftpd is that I haven't found a way to drop somene if they exceed n connection retries. For example, you can initiate a connection at 10am, and forcibly guess the password an infinite number of times without losing your connection to the server.
As for ncftpd, it's not free. There is a per server license fee for it, but again, I've had it working on some very busy servers with no issues whatsoever.
If you're serious about securing your data, move away from FTP and use SSH/SCP for your data transfers. You can set up scponlyc as the shell and also limit users to a particular directory.
Claw at 2007-7-7 0:58:37 >
# 4
Hi ,
try this link.
http://www.sunmanagers.org/pipermail/summaries/2003-March/003433.html
So basically in your case you will
1- create the ftp user with the home directory you desire.
2-do chroot to this home directory.
3-start the ftp by uncommenting the "ftp stream tcp nowail root /usr/sbin/in.ftpdin.ftpd" line in the /etc/inetd.conf.
also uncomment the ftp 21/tcp if its not uncommented already in /etc/services
4- restart inetd using /usr/sbin/inetd -s.
5- Edit the /etc/ftpd/ftpaccess (dunno if its in the same path as in solaris 9 and 10) to allow the ftpuser to login.
first uncomment this line
classguestusersguest*
and then supply the username (usernames) in this line as per this example
guestuserftpuser webadmin.
Also you can modify the permissions given to users to allow them to delete, rename or overwrite files and directories through editing this file.
i hope this will work for you as it did for me, please ask again if you have any questions, i will be glad to answer if i can as iam still not experienced with solaris.
If you also need more details regarding the chroot contact me back.
Thanks.
Message was edited by:
Haythammorsy
