Re: How security of chroot?
Date: Wed, 02 Jul 2003 03:52:24 GMT
> "jon" <email@example.com> ???
> news:firstname.lastname@example.org ???...
>>Keith, If you're going to use FTP, you should be using vsFTPd
>>http://vsftpd.beasts.org/ which includes chroot functionality with a
>>...setting. You can also pick & choose which users will be chrooted,
>>etc. Check it out.
>>If you're wanting to do chroot at ssh level (hence posting to THIS
>>newsgroup?) there's been a bit of discussion about this in a recent
>>posting earlier in this group...
> Which method do you think better (utilize and security), setup chroot over
> ssh or just setup vsftp? Thanks.
If you want to make download/upload trivial for everyone, vsftpd (which
is an FTP daemon). If you don't want passwords sniffed or want to
provide public key access and possible remote shell access, chrooted ssh.
- Re: vsftpd chrooted setup
... The chroot lines are commented out. ... then after starting vsftpd, /sbin/service vsftpd status will give error ... # loosens things up a bit, to make the ftp daemon more usable. ... # Uncomment this to enable any form of FTP write command. ...
- Re: VSFTPD not working after upgrade from FC3 to FC4
... > be a success with the exception of VSFTPD which does not work anymore. ... > I have VSFTPD to be configured to use virtual users using the example ... > the machine was as an ftp server, it is somewhat worthless right now. ... Possibly the chroot environment. ...
- Re: FTP guest access chroot not working
... the "root" dir for the chroot is /home/someguy/ftp ... # chroot ftp users ... cannot get out of that jail. ... if you created a symlink inside the jail that points to some real ...
- Re: FTPS Server?
... port numbers by deep packet inspection. ... It behaves exactly like an ordinary FTP ... See the chroot configuration in the man-page for sshd_config ... case standard port 22 stops working. ...
- Re: Q: Impact of globbing vulnerability in ftpd
... so ftpd is already chrooted and running with the uid of the user at ... sufficient to allow the vulnerability to be exploited. ... compounded because the FTP server only runs with an effective UID of the ... there are processes outside of the chroot() running as the same user. ...