[lug] LAMP FTP setup
gsexton at mhsoftware.com
Tue Jun 5 22:12:41 MDT 2007
As has been beaten to death here, FTP is brain dead. There are plenty of
free SSH clients, including Windows ones. Make them use SSH.
Create a file named sftponly in the /bin directory and put this script
in it. Finally, add sftponly to /etc/shells and make it their shell.
This will prevent the users from using interactive SSH
# sftponly shell
# Shell arguments must be -c /opt/ssh/libexec/sftp-server echo $1 >>
if [ "$1" != "-c" ] || [ "$2" !="/usr/lib/ssh/sftp-server" ]; then
logger authpriv.warning "SSHD: interactive login attempted by $USER"
echo "Error: sftpshell only runs the sftp-server program."
karl horlen wrote:
> i'm wondering what the safest / best way is to allow
> different site owners to be allowed ftp access to
> their own virtual host directory (or related directory
> aliased into their virtual host directory) on a lamp
> web server.
> i'm trying to avoid giving the users system accounts
> to make this work but i don't think that's possible.
> anybody have a bulletproof approach?
> Boardwalk for $500? In 2007? Ha! Play Monopoly Here and Now (it's updated for today's economy) at Yahoo! Games.
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
MH Software, Inc.
Voice: +1 303 438 9585
More information about the LUG