Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

secure ftp

Posted on 2002-07-23
11
Medium Priority
?
312 Views
Last Modified: 2013-12-27
Hi,

One of my solaris machine is put in internet.
from my intranet i want to give ftp access to two users.

What will be the BEST way of providing secure FTP.
Note..this machine will be in internet.

Can you give ur suggestions.?


msnr
0
Comment
Question by:msnr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +3
11 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 7172030
Do you need to grant them actual FTP access, or simply allow them to access their own files?

If the latter, I suggest installing OpenSSH (bundled with Solaris 9) and configuring their accounts so they can use sftp and nothing else.
0
 
LVL 1

Author Comment

by:msnr
ID: 7173422
hi...
even iam thinking about that....
can u breif me the config steps...

meanwhile others....anyother suggestions.?


msnr
0
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 400 total points
ID: 7174923
Getting OpenSSH is pretty easy - you can download source from www.openssh.com

The configuration is a bit trickier if you want these people to be SFTP-only.

I'm pretty sure you can do this by using command="..." in authorized_keys so the SFTP deamon is automatically envoked when they authenticate (and don't forget that the user shouldn't be able to write their authorized_keys file so they can't change it).

Don't know the exact details, though.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 2

Expert Comment

by:LeeMiller
ID: 7175219
One way to do this is to create a user with a shell that doesnt exist.  Example-- create the two users, and edit the /etc/passwd file to a default shell that doesnt exist
(eg. bin/foop).  The users will get their own file space but will not be able to connect through telnet(when trying to do so the new user without a default shell will get an error message that states that "NO Shell - Connection lost to foreign host)
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 7175321
I don't know if this works for ssh, though.
0
 
LVL 1

Expert Comment

by:billwcc
ID: 7179862
Here's a possible answer for you.  If I understand you correctly, you want to securely transfer files.

Using ssh, you could use scp (secure copy) instead of ftp.  scp works just like rcp, but the transfer is encrypted.  

Solaris 9 comes with ssh; I think Solaris 8 did too.  Hope this is of some help.
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 7180782
Wow, that answer is exacly what I said three days ago! You must be phychic!
0
 
LVL 1

Expert Comment

by:billwcc
ID: 7181974
Jeez, I feel like an idiot.  Sorry about that.  After reading several
of these questions, one can forget who has said what.

And I agree with your answer, ssh is the way to go.
0
 
LVL 1

Author Comment

by:msnr
ID: 7181982
Thanks all...
i know ssh is secure ftp....i have asked configurations also.....

anyhow iam closing this....
0
 
LVL 21

Expert Comment

by:tfewster
ID: 8003375
No comment has been added lately, so it's time to clean up this Topic Area.
I will leave a recommendation for this question in the Cleanup topic area as follows:

- Answered by chris_calabrese

Please leave any comments here within the next 7 days

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER !

tfewster
Cleanup Volunteer
0
 

Expert Comment

by:SpideyMod
ID: 8065846
per recommendation

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question