Re: [Q] How to create a FTP only account.. for...
Please do not Cc: to my e-mail address. I will only get the same message twice.
On Sun, 29 Jun 1997 15:50:25 -0400 (EDT) , System Account wrote:
>
> Ok this is what i have setup right now
>
> ***/etc/passwd***
> miller:passwd:5000:5000:Miller,,,,:/ftp/./web/miller:/bin/true
>
> the /bin/true is in /etc/shells
This seems to be good at first sight.
> ***/etc/group***
> webusers:*:109:
> miller::5000:
>
> should this be webusers:*:109:miller and all other users?
Yes, it should. Or you would have to add a 'guestgroup' entry in ftpaccess
for each web user.
> now i made a /home/ftp/webusers dir
> drwxr-xr-x 3 root webusers 1024 Jun 29 14:50 web
>
> and then /home/ftp/webusers/miller dir
> drwxr-xr-x 2 miller webusers 1024 Jun 29 14:50 miller
And this would be miller's home directory? Then you should change the home
directory in /etc/passwd from /ftp/./web/miller to
/home/ftp/webusers/miller.
About the permissions: I would make each directory like
/home/ftp/webusers/miller like this:
drwxr-x--x 2 miller miller 1024 Jun 29 14:50 miller
This way only the user himself (and root) would be able to read his home
directory. If his web pages are stored in $HOME/pub_html or something like
that, this directory should be like:
drwxr-xr-x 2 miller miller 1024 Jun 29 14:5 pub_html
The home directory should have execute permission for all users or nobody
would be able to view the web pages. Read permission is not necessary,
because the www server already knows the name of the pub_html dir.
> ***/etc/ftpd/ftpaccess***
> #added
> guestgroup webusers
> guestgroup miller
If all users are in the 'webusers' group, you only need the entry for that
group. This means you have one file less to maintain if you add or remove
a user.
> Now after doing this i try to ftp in:
>
> >ftp timberwolf.provision.net
> Connected to timberwolf.provision.net.
> 220 timberwolf FTP server (Version wu-2.4(14) Wed Jan 8 21:17:19 MET 1997)
> ready.
> Name (timberwolf.provision.net:adren): miller
> 331 Password required for miller.
> Password:
> 550 Can't set guest privileges.
> Login failed.
> Remote system type is UNIX.
> Using binary mode to transfer files.
> ftp> bye
> 221 Goodbye.
>
>
> I do not want users logging in with a group login. Each user
> should have thier own login and passwd. Because of this i don't see a
> reason for the group. I have read the manpages for ftpaccess and i'm still
> not sure why this isn't working. Is there something i'm over looking as
> the error 550 Can't set guest privileges. leads me to believe that i'm
> close?
The only reason for the group is that you don;t have to add each user's
personal group to the ftpaccess file. If you want to do that, fine. Drop
the webusers group and put a 'guestgroup <username>' line in ftpaccess for
each web user.
> Also if i remove guestgroup miller (or both) from the ftpaccess file it
> does log me in but cann't find a home directory:
>
> 331 Password required for miller.
> Password:
> 230-No directory! Logging in with home=/
> 230 User miller logged in.
This looks like a message you would get if your home directory doesn't
exist. Are you sure that /ftp/web/miller exists or is this an error in
/etc/passwd?
Remco
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: