Solved

unable to log as root over ftp?

Posted on 2014-11-18
4
292 Views
Last Modified: 2014-11-24
Hello,

I have used different ftp clients (Fillezilla, winscp, total commander) no one is able to connect to the ftp using root?
Is it an expected bahaviour?

Server is on Fedora  20.
Client is on Windows 7

Best Regards,
Nusrat
0
Comment
Question by:Nusrat Nuriyev
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 40450034
Fedora comes with proftpd by default.

Look on your server for a file /etc/ftpusers

Users mentioned in that file are not allowed to connect via FTP.
0
 

Author Comment

by:Nusrat Nuriyev
ID: 40450339
I have vsftpd.

ok, why root and others are not allowed? I understand that it's security issues, but can you provide more details why I should not delete root from the list?
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 250 total points
ID: 40450362
FTP is generally considered insecure, because all traffic, including userids and passwords, is transferred in clear text, there's no encryption (as opposed to e.g. scp, sftp or ftps).

The root userid on Unix has the most elevated privileges, so a malicious person can do extreme damage to a system or steal important information once they gained root privileges by e. g. sniffing network traffic.  

That's why FTP access (or access via rcp/rsh, telnet etc.) should be restricted to low-privileged users or even at all forbidden.
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 250 total points
ID: 40450752
If you delete 'root' from that list... you probably shouldn't tell anyone... since that will allow access to every file on that computer.  Someone could modify or delete Everything on that system.  It's just a Really Bad idea.  As @woolmilkporc said, FTP and SFTP should be severely restricted.  Often users are allowed access to Only their own directories.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question