server ftp

Kevin Fries Kevin.Fries at hcico.com
Fri Apr 15 15:15:46 UTC 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alejandro Lemus (alejo) wrote:
| i want to do ftp server in my Fedora box, how config my box?

There is no good answer to such a question.  Like everything it depends
on so many factors, your question is badly formed.

Our FTP Server is configured as follows:

- - 1.6 GHz P4
- - 512 MB Ram
- - 80 GB Hard drive (Hardware based RAID-5)

This machine runs several functions, but the three most critical are
DNS, Mail and FTP.  Our machine generally runs quite quickly.

We pull our system accounts from LDAP which is cached on the localhost
port of the machine from a central server.

The server we choose to use is PureFTPd, which works excellent.

We maintain our accounts using GOsa on the back office server, so we do
not have maintenance tools for the FTP on the actual FTP server.  When
we add the check mark before the FTP in GOsa and save the record,
PureFTPd will begin accepting FTP requests for that user.  If I remove
the check mark, the change is made in FTP and the account is now blocked
from FTP access.

I achieve this by a slight alteration of the PureFTPd configuration file
for LDAP.  Normally it allows FTP for all Posix accounts.  I changed the
filter to require the PureFTPdUser objectclass instead.  GOsa adds or
removes that object class as I add or remove the check box.  This allows
the FTP to respond to LDAP, and not require separate FTP admin tools.

I have also turned on soft chroot, which limits the user to their home
directory.  PureFTPd's soft chroot allows it to follow symlinks outside
the jail (its hard chroot works conventionally).  I can then allow
access to internal resources on a user by user basis by using normal
Linux directory utilities.

That is what we do... What is appropriate for you is impossible to tell
from your question.

- --
Kevin Fries
Network Administrator
Hydrologic Consultants, Inc of Colorado
(303) 969-8033    FAX: (303) 969-8357
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCX9qiiFq1Eo16+CgRAqERAJ9d5gpydB359uS6Elt6dSkZYniZAACfY3fJ
qRcwBiWeUxHUgriTufYr0kc=
=tO/L
-----END PGP SIGNATURE-----

More information about the users mailing list