Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Allowing access to server.
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
CurtE
Guru
Guru


Joined: 17 Apr 2004
Posts: 364
Location: Minneapolis, MN

PostPosted: Sun Sep 16, 2012 7:41 am    Post subject: Allowing access to server. Reply with quote

I have a web developer that I need to give access to the server but I only want to allow the directory to the actual web pages.

Let's say I'm giving him access to /home/webguy where /webguy will hold the temporary web site.

How do I do this properly?
Back to top
View user's profile Send private message
audiodef
Watchman
Watchman


Joined: 06 Jul 2005
Posts: 6639
Location: The soundosphere

PostPosted: Sun Sep 16, 2012 2:50 pm    Post subject: Reply with quote

Easy - set the guy up with /home/webguy/.ssh/authorized_keys, which contains his public ssh key. Have him send you his public key and cat webguy_publickey > /home/webguy/.ssh/authorized_keys. He can then ssh/scp to his home dir.

I have exactly the same situation. I mirror Pappy's Kernel Seeds, and this is how Pappy updates my mirror.
_________________
decibel Linux: https://decibellinux.org
Github: https://github.com/Gentoo-Music-and-Audio-Technology
Facebook: https://www.facebook.com/decibellinux
Discord: https://discord.gg/73XV24dNPN
Back to top
View user's profile Send private message
cach0rr0
Bodhisattva
Bodhisattva


Joined: 13 Nov 2008
Posts: 4123
Location: Houston, Republic of Texas

PostPosted: Mon Sep 17, 2012 8:46 am    Post subject: Reply with quote

if it's just plain ole html/css/javascript/whatever, then Userdir should be fine

if you want to be a bit more fancy, and run something like e.g. php, you'd probably want to look at suPHP

some people take yet another route and run an ftp daemon, but set their ftp daemon to run as the apache user. I don't care for ftp at all personally, but it does work.

should be good reading fodder at least.
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash
Back to top
View user's profile Send private message
audiodef
Watchman
Watchman


Joined: 06 Jul 2005
Posts: 6639
Location: The soundosphere

PostPosted: Mon Sep 17, 2012 1:29 pm    Post subject: Reply with quote

Isn't FTP a security risk compared to scp?
_________________
decibel Linux: https://decibellinux.org
Github: https://github.com/Gentoo-Music-and-Audio-Technology
Facebook: https://www.facebook.com/decibellinux
Discord: https://discord.gg/73XV24dNPN
Back to top
View user's profile Send private message
cach0rr0
Bodhisattva
Bodhisattva


Joined: 13 Nov 2008
Posts: 4123
Location: Houston, Republic of Texas

PostPosted: Fri Sep 21, 2012 1:46 pm    Post subject: Reply with quote

audiodef wrote:
Isn't FTP a security risk compared to scp?


considerably so, yes.
there is the advent of SFTP, but it's of little value IMHO

...nonetheless, for whatever reason people still do FTP. I think, largely, because where the "average user" would be lost if you asked them to use SCP, they aren't with an FTP client - even though it looks like the same bloody thing! (e.g. WinSCP)

i understand it from a user side. i dont understand it from an admin side. but, c'est la vie
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash
Back to top
View user's profile Send private message
Yess1934
n00b
n00b


Joined: 25 Sep 2012
Posts: 1

PostPosted: Tue Sep 25, 2012 8:47 am    Post subject: Reply with quote

audiodef wrote:
Easy - set the guy up with /home/webguy/.ssh/authorized_keys, which contains his public ssh key. Have him send you his public key and cat webguy_publickey > /home/webguy/.ssh/authorized_keys. He can then ssh/scp to his home dir.

I have exactly the same situation. I mirror Pappy's Kernel Seeds, and this is how Pappy updates my mirror.


There is 1 small problem with keys, you won't be able to use non-default clients (http://webssh.uni.me, smartphones, ...).
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum