RE: (SUMMARY): anonymous sftp?
From: Oscar Knight (knightod_at_appstate.edu)
Date: 05/22/03
- Previous message: Michael Robokoff: "chroot"
- Maybe in reply to: Oscar Knight: "(SUMMARY): anonymous sftp?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 22 May 2003 01:01:33 -0400 (EDT) To: wjnorth <wjnorth@earthlink.net>
Hello Wes,
On Tue, 20 May 2003, wjnorth wrote:
> Date: Tue, 20 May 2003 11:49:25 -0700
> From: wjnorth <wjnorth@earthlink.net>
> Subject: RE: (SUMMARY): anonymous sftp?
>
> Is this the only restricted SFTP site you were given? Are the commercial
> versions that offer SFTP restriction as well?
First, I've yet to implement any "anonymous" sftp. I have tried a stock
Openssh 3.6.1pX using /bin/false as the shell for the user. THAT does not
work :)
Everyone, please jump in here if I say something stupid, misleading or
leave something out. Thanks in advance.
Here's what I know from my research. If you want to do sftp/scp ONLY then
you have two options: 1) Openssh with rssh, you set rssh as the users
shell. 2) SSH.com, their server seems to have this functionality
built-in.
To do anonymous sftp with Openssh you would have to create an account that
uses password auth and has a null password and of course uses rssh as the
shell. I ASSUME you would do something similar (except the rssh) with
SSH.com's software. Now an account with a null password should make
anyone think twice! It makes me nervous.
Also, no one mentioned SSH.com. in any of the replies to my orig post. I
found the reference to sftp only accounts in one of their docs. I assume
their package still supports his functionality.
Anyway, hope this helps,
odk
>
> I'm working on a program that is in real need of something like this.
>
> -Wes
>
> -----Original Message-----
> From: Oscar Knight [mailto:knightod@appstate.edu]
> Sent: Wednesday, May 14, 2003 11:44 AM
> To: secureshell@securityfocus.com
> Subject: (SUMMARY): anonymous sftp?
>
>
> Hello Everyone,
>
> Just wanted to post a summary. I had several responses, some to the
> group and some just to me. Thanks to everyone for all the responses!!!
>
> All fit into two categories:
>
> 1) Tunnel ftp with ssh, ssl, or something else. Not really what I was
> looking for. But thanks for the pointers.
>
> 2) Use ssh/sftp with rssh to restrict the user account to just scp and
> or
> sftp. This is what I was looking for!
>
> http://www.pizzashack.org/rssh/index.shtml
>
> Thanks again to everyone that replied,
> odk
> --
> Oscar D. Knight
> knightod@appstate.edu
> Network Support Services Voice:
> 828-262-6946
> Appalachian State University, Boone, NC 28608 FAX:
> 828-262-2236
>
>
>
>
> Orig Request:
>
> On Mon, 12 May 2003, Oscar Knight wrote:
> > Date: Mon, 12 May 2003 10:48:02 -0400 (EDT)
> > From: Oscar Knight <knightod@appstate.edu>
> > To: secureshell@securityfocus.com
> > Subject: anonymous sftp?
> >
> > Hello Everyone,
> >
> > I want to setup an anonymous sftp account! IE, a password auth
> > account with a null password. NO shell access. Permission to
> read/get a
> > directory structure/files and possibly also put files. Is this
> possible?
> > What ssh flavor should I use? If possible, I would like to use
> > OpenSSH.
> >
> > In general I'm wondering if it's possible to replace anonymous ftp
> > with some form of anonymous sftp. I realize that this requires all
> > user's of the "site" to potentially install some additional software.
> >
> > Thanks in advance,
> > odk
> > --
> > Oscar D. Knight
> knightod@appstate.edu
> > Network Support Services Voice:
> 828-262-6946
> > Appalachian State University, Boone, NC 28608 FAX:
> 828-262-2236
> >
> >
>
>
>
-- Oscar D. Knight knightod@appstate.edu Network Support Services Voice: 828-262-6946 Appalachian State University, Boone, NC 28608 FAX: 828-262-2236
- Previous message: Michael Robokoff: "chroot"
- Maybe in reply to: Oscar Knight: "(SUMMARY): anonymous sftp?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
