Solved

unable to log as root over ftp?

Posted on 2014-11-18
4
287 Views
Last Modified: 2014-11-24
Hello,

I have used different ftp clients (Fillezilla, winscp, total commander) no one is able to connect to the ftp using root?
Is it an expected bahaviour?

Server is on Fedora  20.
Client is on Windows 7

Best Regards,
Nusrat
0
Comment
Question by:Nusrat Nuriyev
  • 2
4 Comments
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 40450034
Fedora comes with proftpd by default.

Look on your server for a file /etc/ftpusers

Users mentioned in that file are not allowed to connect via FTP.
0
 

Author Comment

by:Nusrat Nuriyev
ID: 40450339
I have vsftpd.

ok, why root and others are not allowed? I understand that it's security issues, but can you provide more details why I should not delete root from the list?
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 250 total points
ID: 40450362
FTP is generally considered insecure, because all traffic, including userids and passwords, is transferred in clear text, there's no encryption (as opposed to e.g. scp, sftp or ftps).

The root userid on Unix has the most elevated privileges, so a malicious person can do extreme damage to a system or steal important information once they gained root privileges by e. g. sniffing network traffic.  

That's why FTP access (or access via rcp/rsh, telnet etc.) should be restricted to low-privileged users or even at all forbidden.
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 250 total points
ID: 40450752
If you delete 'root' from that list... you probably shouldn't tell anyone... since that will allow access to every file on that computer.  Someone could modify or delete Everything on that system.  It's just a Really Bad idea.  As @woolmilkporc said, FTP and SFTP should be severely restricted.  Often users are allowed access to Only their own directories.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
lunix and unix command 21 85
Samba Question 11 73
Looking for recommendations on Network Monitoring Tool?  What is your favorite? 4 37
VTP servers with 3650 switches 5 25
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question