[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Providing secure file access on a colo-server

On Fri, Oct 08, 2004 at 11:48:49AM +0100, Marcus Williams wrote:
> I'm looking at either proftpd or vsftpd but what I want is to set it
> up so that users can login with a password that is different to their
> shell password so that their shell passwords are not broadcast in
> plaintext every time they update their websites etc.

You can use a separate (LDAP, RDBMS, RADIUS) database for password
authentication with the FTP daemon so that you don't mix remote shell
passwords and FTP passwords. Proftpd provides, IIRC, modules that integrate
with external databases. Maybe you can use integration through PAM foe
vsftpd but I'm not sure if it will be possible.

In any case, make sure that the FTP areas they access are not their home 
areas since a rogue user that intercepts their FTP password could easily 
install trojans in their profile scripts (.profile, .bashrc, .bash_profile, 



Attachment: signature.asc
Description: Digital signature

Reply to: