View previous topic :: View next topic |
Author |
Message |
666threesixes666 Veteran
Joined: 31 May 2011 Posts: 1248 Location: 42.68n 85.41w
|
Posted: Sun Jan 27, 2013 5:10 pm Post subject: vsftpd user/pass + anon access |
|
|
my friend would like to run a ftp server.... this is for mixing and mastering studio tracks and pushing the remasters back to the band. server is located at the band....
cat /etc/vsftpd/vsftpd.conf
listen=YES
local_enable=YES
anonymous_enable=YES
write_enable=YES
anon_root=/home/ftp
user ftp
password ftpsecurepassword
good idea? secure? or is this completely unorthodox? is gftping into this server going to expose passwords in cleartext or is ssl default on the ebuild? i got 3 days to do this right.... if it gets the ok ill update the wiki page i started found here...... (i just know about pushing files out to the world, not the other way around)
http://wiki.gentoo.org/wiki/Vsftpd |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21602
|
Posted: Sun Jan 27, 2013 5:24 pm Post subject: |
|
|
That looks very insecure to me. Your password is all lowercase, contains your username, and contains the string password. Additionally, you are enabling anonymous access, but you have not explained why that is necessary. According to the manual, SSL is not permitted by default.
Do you need to use ftp to do this? If the only authorized writers are on Linux, I strongly suggest using sftp instead. You can get sftp clients for Windows and Mac OS also, but sftp is almost guaranteed to be available for Linux users. |
|
Back to top |
|
|
666threesixes666 Veteran
Joined: 31 May 2011 Posts: 1248 Location: 42.68n 85.41w
|
Posted: Sun Jan 27, 2013 5:32 pm Post subject: |
|
|
its not actually the password..... the password will probably be S0me+Hin91iKeTh15... (im not posting it on the net, and its not yet been generated) anon access to pull from a browser (firefox) they are a band, they dont understand linux, they just want a laptop hidden in the corner to serve music files from bands main location to studio to band members, and maybe a few other people on top of it....
it needs to be ftp so the studio guru can use a ftp client to push remasters back to the file share.... i was suggesting samba to them at first but they wanted to do it over the internet.
i basically need anon down + secure upload |
|
Back to top |
|
|
|