Re: apache2 ftp password

To: debian-user@lists.debian.org
Subject: Re: apache2 ftp password
From: Camaleón <noelamac@gmail.com>
Date: Sat, 29 Jan 2011 18:28:40 +0000 (UTC)
Message-id: <[🔎] pan.2011.01.29.18.28.40@gmail.com>
References: <[🔎] 20110128235322.GA22157@rlharris.org>

On Fri, 28 Jan 2011 23:53:22 +0000, Russell L. Harris wrote:

> For the purpose of web site development and testing, I installed apache2
> as a local http server on another machine in the LAN.
> 
> The default web page directory is /var/www .  Of course, this directory
> is owned by root.
> 
> I would like to use an ftp client such as ncftp or lftp to upload web
> pages to the local server, just as I would upload pages to the server of
> a commercial hosting outfit.  But I do not wish to use the root password
> for this purpose, even within the protected environment of the LAN.

(...)

Apache is not the program where to look, but the ftp server, as Waqqas 
already said.

You can instruct ftp server to use system users or virtual users, with no 
shell access at all. After that, you will have to disable anonymous 
logins, chroot your ftp users to their web upload folder (i.e., under "/
var/www/site1.com/") and play with "local_umask" and 
"file_open_mode" (name of these values may vary, those are for Vsftpd) 
parameters to get the desired behaviour.

To avoid sending text clear login information (username and password) you 
can also add SSL/TLS (FTPS).

Greetings,

-- 
Camaleón

Reply to:

References:
- apache2 ftp password
  - From: "Russell L. Harris" <rlharris@broadcaster.org>

Prev by Date: Re: interfaces tab missing in network-admin on Squeeze
Next by Date: Re: How to start gdm by default
Previous by thread: Re: apache2 ftp password
Next by thread: [squeeze] "Open with..." gone from Ark?
Index(es):
- Date
- Thread