RE: Good, secure FTP daemons that don't need real user accounts

From: Nate Pinchot (npinchot@ccservice.cc)
Date: 08/03/01


Subject: RE: Good, secure FTP daemons that don't need real user accounts
Date: Fri, 3 Aug 2001 09:12:03 -0400
Message-ID: <EAEE14ADB771234B879244F1952F35B703C26D@ccs-mail.ccservice.cc>
From: "Nate Pinchot" <npinchot@ccservice.cc>
To: <focus-linux@securityfocus.com>


>So as a further step to avoid such a fiasco, we want to avoid giving
>these people entries in /etc/passwd. This also has the pleasant side
>effect of allowing us to run the FTP daemon non-root (just configure
>the FTP daemon to use a port above 1024 and tell our clients to use
>that port).
There is an ftp daemon called glftpd, it is available from
www.glftpd.org.
You don't have to make user accounts for the ftp users, those are added
and configured through the program itself, but you do need to add a
user account for the daemon. It will run on whatever port you want it
to.
It also has some nice remote config commands which can be accessed by
connecting and logging into the ftp.

>Each virtual host has at most four or five clients attached to
>it, so a flat file should be more than enough.
Correct me if I'm wrong, but I believe this is what it uses.

Hope that helps.
______________________________
Nate Pinchot
Corporate Computer Services
npinchot@ccservice.cc <mailto:npinchot@ccservice.cc>

"we're only gonna die because of our own arrogance, that's why we might
as well take our time"
-bradley nowell



Relevant Pages

  • Good, secure FTP daemons that dont need real user accounts
    ... a lot of our company's virtual hosted web clients insist on using it ... So as a further step to avoid such a fiasco, we want to avoid giving ... effect of allowing us to run the FTP daemon non-root (just configure ... the FTP daemon to use a port above 1024 and tell our clients to use ...
    (Focus-Linux)
  • Re: Secure FTPD (SSL)
    ... > Can someone recommend an ftp daemon that uses SSL? ... I want to disable ftp ... > port 21. ...
    (comp.os.linux.security)
  • Re: Secure FTPD (SSL)
    ... >>> Can someone recommend an ftp daemon that uses SSL? ... I want to disable ftp ... >>> port 21. ... >>> Rich ...
    (comp.os.linux.security)
  • Is FTP over VPN safe?
    ... Are there security issues and can hackers scan the port or attack the ftp daemon? ...
    (comp.security.unix)