Solved

secure ftp

Posted on 2002-07-23
11
305 Views
Last Modified: 2013-12-27
Hi,

One of my solaris machine is put in internet.
from my intranet i want to give ftp access to two users.

What will be the BEST way of providing secure FTP.
Note..this machine will be in internet.

Can you give ur suggestions.?


msnr
0
Comment
Question by:msnr
  • 4
  • 2
  • 2
  • +3
11 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 7172030
Do you need to grant them actual FTP access, or simply allow them to access their own files?

If the latter, I suggest installing OpenSSH (bundled with Solaris 9) and configuring their accounts so they can use sftp and nothing else.
0
 
LVL 1

Author Comment

by:msnr
ID: 7173422
hi...
even iam thinking about that....
can u breif me the config steps...

meanwhile others....anyother suggestions.?


msnr
0
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 100 total points
ID: 7174923
Getting OpenSSH is pretty easy - you can download source from www.openssh.com

The configuration is a bit trickier if you want these people to be SFTP-only.

I'm pretty sure you can do this by using command="..." in authorized_keys so the SFTP deamon is automatically envoked when they authenticate (and don't forget that the user shouldn't be able to write their authorized_keys file so they can't change it).

Don't know the exact details, though.
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 2

Expert Comment

by:LeeMiller
ID: 7175219
One way to do this is to create a user with a shell that doesnt exist.  Example-- create the two users, and edit the /etc/passwd file to a default shell that doesnt exist
(eg. bin/foop).  The users will get their own file space but will not be able to connect through telnet(when trying to do so the new user without a default shell will get an error message that states that "NO Shell - Connection lost to foreign host)
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 7175321
I don't know if this works for ssh, though.
0
 
LVL 1

Expert Comment

by:billwcc
ID: 7179862
Here's a possible answer for you.  If I understand you correctly, you want to securely transfer files.

Using ssh, you could use scp (secure copy) instead of ftp.  scp works just like rcp, but the transfer is encrypted.  

Solaris 9 comes with ssh; I think Solaris 8 did too.  Hope this is of some help.
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 7180782
Wow, that answer is exacly what I said three days ago! You must be phychic!
0
 
LVL 1

Expert Comment

by:billwcc
ID: 7181974
Jeez, I feel like an idiot.  Sorry about that.  After reading several
of these questions, one can forget who has said what.

And I agree with your answer, ssh is the way to go.
0
 
LVL 1

Author Comment

by:msnr
ID: 7181982
Thanks all...
i know ssh is secure ftp....i have asked configurations also.....

anyhow iam closing this....
0
 
LVL 20

Expert Comment

by:tfewster
ID: 8003375
No comment has been added lately, so it's time to clean up this Topic Area.
I will leave a recommendation for this question in the Cleanup topic area as follows:

- Answered by chris_calabrese

Please leave any comments here within the next 7 days

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER !

tfewster
Cleanup Volunteer
0
 

Expert Comment

by:SpideyMod
ID: 8065846
per recommendation

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question