Solved

unable to log as root over ftp?

Posted on 2014-11-18
4
285 Views
Last Modified: 2014-11-24
Hello,

I have used different ftp clients (Fillezilla, winscp, total commander) no one is able to connect to the ftp using root?
Is it an expected bahaviour?

Server is on Fedora  20.
Client is on Windows 7

Best Regards,
Nusrat
0
Comment
Question by:Nusrat Nuriyev
  • 2
4 Comments
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 40450034
Fedora comes with proftpd by default.

Look on your server for a file /etc/ftpusers

Users mentioned in that file are not allowed to connect via FTP.
0
 

Author Comment

by:Nusrat Nuriyev
ID: 40450339
I have vsftpd.

ok, why root and others are not allowed? I understand that it's security issues, but can you provide more details why I should not delete root from the list?
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 250 total points
ID: 40450362
FTP is generally considered insecure, because all traffic, including userids and passwords, is transferred in clear text, there's no encryption (as opposed to e.g. scp, sftp or ftps).

The root userid on Unix has the most elevated privileges, so a malicious person can do extreme damage to a system or steal important information once they gained root privileges by e. g. sniffing network traffic.  

That's why FTP access (or access via rcp/rsh, telnet etc.) should be restricted to low-privileged users or even at all forbidden.
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 250 total points
ID: 40450752
If you delete 'root' from that list... you probably shouldn't tell anyone... since that will allow access to every file on that computer.  Someone could modify or delete Everything on that system.  It's just a Really Bad idea.  As @woolmilkporc said, FTP and SFTP should be severely restricted.  Often users are allowed access to Only their own directories.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now