Lot of questions on Debian services

To: <debian-user@lists.debian.org>
Subject: Lot of questions on Debian services
From: <programing@nib.si>
Date: Sun, 6 Oct 2002 10:58:18 +0100 (GMT-1)
Message-id: <[🔎] 2709.194.249.4.243.1033898298.squirrel@webmail.nib.si>

Hi.

I want to 'secure' one machine in such a way to avoid clear text
authentication on various services.
1.: I want to secure FTP. Now I'm using pro-ftpd which provide SSL also.
The problem is that if you want to use SSL, you must use a special client
(ex. on Windows you can use Filezilla). Is there a way to tell pro-ftpd to
accept ONLY SSL connections?Is there any other FTP server on Debian thet support SSL and posibly SSH
(SCP) too?
2.: I want to force a SFTP (SCP) session to chroot in the user home
directory. I'm usint Debian Woody. Is there any 'prepached' .deb package
of OpenSSH that support this?I checked the internet but didn't find any good tutorial how to manualy
patch .deb packages. I played with one source .deb package, but this is
all. Is there any good howto document that describe how to applay paches
on debian source and then build a .deb package so that in near future it
can be uninstalled (I think that it should cover .deb versioning too).
3.: Is there any simple way to upgrade MySQL and OpenLDAP (slapd) packages
from Woody to any packages that support SSL connection or I have to
recompile them as described in 'Second:'?
4.: I'm now using an Courier IMAP server. There are some users that
prefere to use SSH connections over Webmail to read them e-mail. I write a
simple script that prevent them to enter shell commands (they only can use
mutt and pine). Is there any package that already implement something
similar? I want to grant them the homedir browsing capability (but that
they don't have permision to go in any upper directory). I see on one
system that they use Lynx for this purpose, but I didn'd found a method to
limit fiesystem access to file://~ . And what about various limited
shells? I see that there are lshells which simplify the user resource
limiting, but is there any shell writen apositly for a limited access to
the system?
5.: Is there any s-key pam.d module or any similar module on Debian which
I can use to substitute a simple telnet authentication?
6.: I'm looking in how to implement a VPN server so that my users can
connect from the internet. I found IP-Sec (FreeSWan). Is there any better
posibility (from any aspect of view)? Is it necesary to pach the kernel
with SSL patch to get encryption and why the patch isn't a part of the
kernel (is it due to exports rights)?
10x for any answer.

Regards,
Dezo

Reply to:

Follow-Ups:
- Re: Lot of questions on Debian services
  - From: Tom Cook <tom.cook@adelaide.edu.au>

Prev by Date: Re: Windows Metafiles
Next by Date: OT: a new slogan for Debian :)
Previous by thread: Re: Icepref broken in testing? (Reported to bug tracking)
Next by thread: Re: Lot of questions on Debian services
Index(es):
- Date
- Thread