FTP Server Suggestion - Ubuntu

This is a discussion on FTP Server Suggestion - Ubuntu ; I want to set up an FTP server on my network at work. We have a bunch of external IPs, the infrastructure is there, indeed I've already done this with a windows machine (it's a Windows network) but for FTP ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: FTP Server Suggestion

  1. FTP Server Suggestion

    I want to set up an FTP server on my network at work. We have a bunch
    of external IPs, the infrastructure is there, indeed I've already done
    this with a windows machine (it's a Windows network) but for FTP I want
    more control over the users, particularly like giving users their own
    virtual root so they can't see other users' directories even exist let
    alone get in them.

    What's the best way to start? Install something like Ubuntu server and
    go from there or will a desktop edition do it? Is there much choice of
    FTP daemons? I'd like a GUI or web based management if possible.

    --
    You can lead a horse to water, but a pencil must be lead.
    Stan Laurel

  2. Re: FTP Server Suggestion

    Trevor Best wrote:
    > I want to set up an FTP server on my network at work. We have a bunch
    > of external IPs, the infrastructure is there, indeed I've already done
    > this with a windows machine (it's a Windows network) but for FTP I want
    > more control over the users, particularly like giving users their own
    > virtual root so they can't see other users' directories even exist let
    > alone get in them.
    >
    > What's the best way to start? Install something like Ubuntu server and
    > go from there or will a desktop edition do it? Is there much choice of
    > FTP daemons? I'd like a GUI or web based management if possible.



    Ubuntu Server and the regular Ubuntu are not much different. The
    difference is in the programs that are included on the CD. You can
    always download and install anything else.

    The vsftpd (Very Secure FTP Daemon) is supposedly the most secure. Check
    out all of the companies that use it on their Web page
    http://vsftpd.beasts.org

    The vsftpd package is available via DEB APT (apt-get or the GUI front
    ends Synaptic and Adept)

    I helped Kenneth Miles set up his vsftpd server last week (he was
    originally going to use proftpd). Tuesday evening I installed and
    configured mine on a Debian 4.0 box. It is to replace a beta GuildFTPd
    that has been crashing on a Win XP Pro SP2 box for several years.

    You can use vsftpd with real Linux system users, each having their own
    /home directory, or you can use virtual users. Either way, they should
    be chrooted into a chroot jail so they cannot see any higher-level
    directory that the one into which they are chrooted.

    Setup is pretty simple, and the configuration file is well-documented.
    Add any site-specific info, like your banner, and uncomment or change
    options that you want to use.

    Here are a few links, some with complete HOWTO instructions:

    http://freshmeat.net/projects/vsftpd

    http://www.netadmintools.com/art355.html

    http://www.nslu2-linux.org/wiki/Optw...Unslung.Vsftpd

    http://howto.gumph.org/content/setup...ries-in-vsftpd

    http://vsftpd.beasts.org/vsftpd_conf.html

    http://www.vsftpd.org


    Other FTP daemons are:

    proftpd

    http://www.proftpd.org

    http://packages.debian.org/stable/net/proftpd

    http://www.castaglia.org/proftpd/doc...TO-Chroot.html

    wu-ftpd

    http://www.wu-ftpd.org


    --
    John

    No Microsoft products were used in the preparation or transmission of this message.

    The EULA sounds like it was written by a team of lawyers who want to tell me what I can't do. The GPL sounds like it was written by a human being, who wants me to know what I can do.

  3. Re: FTP Server Suggestion

    On Thu, 04 Oct 2007 08:32:16 GMT
    "John F. Morse" wrote:

    > The vsftpd (Very Secure FTP Daemon) is supposedly the most secure. Check
    > out all of the companies that use it on their Web page
    > http://vsftpd.beasts.org


    That looks like the one, thanks.

    --
    You can lead a horse to water, but a pencil must be lead.
    Stan Laurel

  4. Re: FTP Server Suggestion

    Trevor Best wrote:
    > On Thu, 04 Oct 2007 08:32:16 GMT
    > "John F. Morse" wrote:
    >
    >
    >> The vsftpd (Very Secure FTP Daemon) is supposedly the most secure. Check
    >> out all of the companies that use it on their Web page
    >> http://vsftpd.beasts.org
    >>

    >
    > That looks like the one, thanks.



    Good luck with the config.

    I'm still exploring mine. I need virtual users, with an ability to
    individually give permission to various patterns of directories.

    I could do this easily with user and group permissions with real users,
    but I kinda don't want a mob having access to the file system, even if
    in a chroot jail.

    I think it would be more secure if users were virtual and chrooted.
    Maybe even adding domain access restrictions, plus a high-numbered port
    assignment as well. The crackers aren't likely to scan ports above 1024.
    I could even open a few thousand ports and route them to a nothing IP,
    just to keep the crackers waiting for long periods.

    The annony-mouse access is closed down entirely.


    --
    John

    No Microsoft products were used in the preparation or transmission of this message.

    The EULA sounds like it was written by a team of lawyers who want to tell me what I can't do. The GPL sounds like it was written by a human being, who wants me to know what I can do.

  5. Re: FTP Server Suggestion

    On Fri, 05 Oct 2007 04:07:30 GMT
    "John F. Morse" wrote:

    > Trevor Best wrote:
    > > On Thu, 04 Oct 2007 08:32:16 GMT
    > > "John F. Morse" wrote:
    > >
    > >
    > >> The vsftpd (Very Secure FTP Daemon) is supposedly the most secure. Check
    > >> out all of the companies that use it on their Web page
    > >> http://vsftpd.beasts.org
    > >>

    > >
    > > That looks like the one, thanks.

    >
    >
    > Good luck with the config.
    >
    > I'm still exploring mine. I need virtual users, with an ability to
    > individually give permission to various patterns of directories.
    >
    > I could do this easily with user and group permissions with real users,
    > but I kinda don't want a mob having access to the file system, even if
    > in a chroot jail.
    >
    > I think it would be more secure if users were virtual and chrooted.
    > Maybe even adding domain access restrictions, plus a high-numbered port
    > assignment as well. The crackers aren't likely to scan ports above 1024.
    > I could even open a few thousand ports and route them to a nothing IP,
    > just to keep the crackers waiting for long periods.
    >
    > The annony-mouse access is closed down entirely.


    I might want any-mouse in, some of the sites I got have such pathetic
    proxies that they don't translate authentication to external sites
    meaning when I'm there I can't do diddly squat about transferring files
    to/from base.

    That's assuming there's someone left in the office that can respond to
    "can you put a copy of xyz on the public area of the ftp server?"
    without responding "huh?"

    --
    You can lead a horse to water, but a pencil must be lead.
    Stan Laurel

+ Reply to Thread