sftp password

From: Stan McCann (me_at_stanmccann.us)
Date: 06/23/05

  • Next message: Allodoxaphobia: "Re: e-mails as an images"
    Date: 23 Jun 2005 13:42:25 -0700
    
    

    I manage a server that must provide outside access for all users. Due
    to being hacked a few times on a Solaris box, I have switched over to a
    Linux system which I understand security issues on somewhat better. As
    part of the switch, I also no longer allow telnet and ftp but depend on
    SSH.

    With this new setup, I've had difficulty allowing newly created users
    to access the system without a password so use a generic password that
    allows an initial login requiring the user to change it immediately.
    This works via the .bashrc calling another script. The second script
    deletes itself after a successful password change. It works well and
    thanks to "if", gives no errors when the second script no longer
    exists.

    This leaves one problem, however with sftp. Since there is a valid
    password for the user account, a person can connect to the server using
    sftp without first changing the generic password. What I would like to
    do to solve this issue is disallow connection if the password has not
    been changed. Ideally, I could set a configuration parameter to not
    allow the particular password for sftp. Or, can I check for the
    existence of the secondary script and not allow access via sftp if it
    exists?

    -- 
    Stan McCann "Uncle Pirate" http://stanmccann.us/pirate.html
    Webmaster/Computer Center Manager, NMSU at Alamogordo
    http://alamo.nmsu.edu/  There are 10 kinds of people.
    Those that understand binary and those that don't.
    

  • Next message: Allodoxaphobia: "Re: e-mails as an images"

    Relevant Pages

    • Re: SPAM sudden increase
      ... > Dude was on a tech call with f-secure and the tech asked, "So, ... dude is trying to FTP to their server using WSFTP. ... but I think he is talking about sftp protocol - FTP via ...
      (alt.2600)
    • using java with sftp
      ... JCraft JSch package to SFTP files. ... //First Create a JSch session ... System.err.println("Unable to connect to FTP server. ...
      (comp.lang.java.programmer)
    • Re: using java with sftp
      ... JCraft JSch package to SFTP files. ... //First Create a JSch session ... System.err.println("Unable to connect to FTP server. ...
      (comp.lang.java.programmer)
    • Re: sftp password authentication question
      ... > I have a W2k server machine (equippend with SSH Secure Shell) which ... > NetworkSimplicity SSH server). ... > can be apparently easily accomplished with normal FTP. ... > this to work with SFTP or SFTP2 ??? ...
      (comp.security.ssh)
    • Re: Pasting via ssh causes data loss
      ... sftp of the file to the remote and ... I then opened an ssh session to a FreeBSD ... errors shown on the interface of the server? ...
      (freebsd-questions)