Here's some additional tips to make the ftp server a bit more secure.ģ. Now if users are logging in via ssh they will get a message that they are not allowed to log in (the /etc/shells file only seems to apply to the ftp server, and not other login processes). Open the file /etc/shells file with your favourite editor and put/sbin/nologin on an empty row (you could see how the other valid shells are written in the file). Then we must tell the ftp-server that /sbin/nologin is a valid shell for the ftp-server.
So open up the NetInfo manager, go to the ftp user and set the login-shell to /sbin/nologin instead.Ģ. Instead of using /usr/bin/false as a login shell for the ftp-user use /sbin/nologin instead. NOTE: Please read the whole message before beginning to change your system.ġ. I think this would be the solution (after checking man ftpd) On my Linux box with proftpd you could set so that you don't require a valid login shelll for the ftp-account. I suppose it depends on what ftp server you are using. I tried to set the loginshell to /usr/bin/false but then the ftp account didn't seem to work that well either. If you want to do more (lots of users, advanced GUI control over your FTP server), then this is not the best solution. Why do it this way? It's simple and requires no additional software. Leave out the password (and the :colon) to marginally increase security (make them type the password).To automate, check out this hint: A shell script to add FTP users in 10.3 If you are going through a router, then use your router's WAN IP, port-forwarded to your computer's LAN IP. If your IP is dynamic, it will eventually change. Be sure to forward ports 20-21 if you have an external firewall. Use NetInfo Manager to change the user's home directory to the folder that you want to share (I wanted to share the same folder I share when file sharing).Give them a name and password, then click on the Limitations tab and select Some Limits, then uncheck everything.Follow these directions to set up an FTP server with a single user, who has read-only access to one folder of your choice. It's not unique, but it took me a while to figure out that it was the best no-software approach, so I thought it would be nice to have a primer for the semi-power user. I tried several approaches, but the following seemed to be the best. If you're trying to share a bunch of large files, it should be super easy, but it's not.
0 kommentar(er)
