Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
sftp questions and dynamic dns (solved)
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
gentoo2013
n00b
n00b


Joined: 20 Feb 2013
Posts: 58
Location: United Kigdom

PostPosted: Sun Aug 11, 2013 6:05 pm    Post subject: sftp questions and dynamic dns (solved) Reply with quote

Hi I have setup my media center and everything is working groovy well nearly.

I am able to connect to my media center using filezilla on windows using port 22 sftp.
Is there away to only allow read access when using sftp ?

I would like family and friends to be able to download from my machine but not erase anything. ?

Question 2

At the moment I have just fowarded a port on my router to the ip address of the machine
obviously my ip address changes every few days so is there away of setting up a dynamic dns so that i dont have to check the ip every few days ?

Any help would be great thanks .


Last edited by gentoo2013 on Mon Aug 12, 2013 5:56 pm; edited 1 time in total
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 31342
Location: 56N 3W

PostPosted: Sun Aug 11, 2013 6:15 pm    Post subject: Reply with quote

gentoo2013,

I'll point to the licencing of the media on your media server.
Normally you need to own an original copy of the media but sharing it with friends and family like this will be illegal unless they also have original copies of the media in question.
Thats the legal side.

Now to the technical side. There are several services that keep track of your changing IP for you. Some are even free.
One that comes to mind is http://www.noip.com/ thats not a reccomendation. I have a /29 so my IP is static, I have no use for services like this.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
666threesixes666
Veteran
Veteran


Joined: 31 May 2011
Posts: 1223
Location: 42.68n 85.41w

PostPosted: Sun Aug 11, 2013 6:17 pm    Post subject: Reply with quote

point family and friends @ ftp, & setup anon access from https://wiki.gentoo.org/wiki/Vsftpd
keep your sftp to edit & so on as is.... they use doze, not ssh, IE not firefox. vsftpd will suit their fancy good and proper.
i had a cron job i think it was even hourly for http://www.changeip.com/default.asp

i know it was supplied by changeip, something like this http://www.changeip.com/clients/rinker.sh.txt

though i doubt that is the actual script i was using.
_________________
cat /etc/*-release
Funtoo Linux - baselayout 2.2.0
consider this warning no. 1
http://ecx.images-amazon.com/images/I/81Ku-vxIb3L._SL1500_.jpg
http://wiki.gentoo.org/wiki/Special:Contributions/666threesixes666
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 31342
Location: 56N 3W

PostPosted: Sun Aug 11, 2013 6:20 pm    Post subject: Reply with quote

666threesixes666,

The world and his wife will find an anon ftp server and word will spread about media content.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
666threesixes666
Veteran
Veteran


Joined: 31 May 2011
Posts: 1223
Location: 42.68n 85.41w

PostPosted: Sun Aug 11, 2013 6:27 pm    Post subject: Reply with quote

i see what your getting at, idk virtual users, i only know system users and at that point it might as well be back to sftp. this looks like a reasonable approach to the first problem then.

http://www.linuxquestions.org/questions/linux-server-73/read-only-sftp-by-user-4175452378/#post4905113
_________________
cat /etc/*-release
Funtoo Linux - baselayout 2.2.0
consider this warning no. 1
http://ecx.images-amazon.com/images/I/81Ku-vxIb3L._SL1500_.jpg
http://wiki.gentoo.org/wiki/Special:Contributions/666threesixes666
Back to top
View user's profile Send private message
gentoo2013
n00b
n00b


Joined: 20 Feb 2013
Posts: 58
Location: United Kigdom

PostPosted: Sun Aug 11, 2013 6:30 pm    Post subject: Reply with quote

Sorry I probally should have not have written that.

I do fully understand the law.

I will check theese websites out

Why use vsftp ? i can access the server fine using filezilla on windows and i can drag and drop files from the server.

My main issue is i do not want them to be able to erase anything or have i missed something ?

I will play around with the dynamic dns and see if i can get it working

Thanks
Back to top
View user's profile Send private message
666threesixes666
Veteran
Veteran


Joined: 31 May 2011
Posts: 1223
Location: 42.68n 85.41w

PostPosted: Sun Aug 11, 2013 6:38 pm    Post subject: Reply with quote

you become "gentoo2013.changeip.org" and you have a cron script check your servers ip address, if it changes, it updates changeip.org so gentoo2013.changeip.org is old ip, then when it changes gentoo2013.changeip.org is new ip... external to your machine its ALWAYS gentoo2013.changeip.org.

anon ftp access is already locked down so its outside only pull.

SFTP you need to chmod.

set the owner as you, create guest logins.... chmod 700 = read write execute you, everyone else go away. you want read execute for others. sooooo chmod 755 for directories, and chmod 644 for media files.


towards the bottom of the page is where i found my cron script.
http://www.changeip.com/clients.asp


& i was saying ftp, because you can use browser dialog, wget, etc and not be pinned down to winscp/filezilla/sshfs/sftp.
_________________
cat /etc/*-release
Funtoo Linux - baselayout 2.2.0
consider this warning no. 1
http://ecx.images-amazon.com/images/I/81Ku-vxIb3L._SL1500_.jpg
http://wiki.gentoo.org/wiki/Special:Contributions/666threesixes666


Last edited by 666threesixes666 on Sun Aug 11, 2013 6:48 pm; edited 1 time in total
Back to top
View user's profile Send private message
Jaglover
Advocate
Advocate


Joined: 29 May 2005
Posts: 4560
Location: Saint Amant, Acadiana

PostPosted: Sun Aug 11, 2013 6:45 pm    Post subject: Reply with quote

gentoo2013,

not sure what OS your media center is running, but if it can run webfsd then you can grant read-only access over http, webfs supports authentication, too.
_________________
Please learn how to denote units correctly!
Back to top
View user's profile Send private message
gentoo2013
n00b
n00b


Joined: 20 Feb 2013
Posts: 58
Location: United Kigdom

PostPosted: Sun Aug 11, 2013 6:53 pm    Post subject: Reply with quote

Thanks for all your replys.

Im going to play around a bit.
im going to get the ip thingy working first.

Im running gentoo of course.

i was basically going to create a new user media and make his home directory the same as were all the media is stored.
So im guessing playing around with chmod and chown will sort this as listed above

Thanks guys :) i love gentoo forums
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 31342
Location: 56N 3W

PostPosted: Sun Aug 11, 2013 7:07 pm    Post subject: Reply with quote

gentoo2013,

If media is a real partition, you can mount it read only.
You could also set up mediatomb for serving your media. It can use UPNP, which is good for windows users but do not use UPNP over the big bad internet, unless you tunnel it.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
gentoo2013
n00b
n00b


Joined: 20 Feb 2013
Posts: 58
Location: United Kigdom

PostPosted: Sun Aug 11, 2013 8:05 pm    Post subject: Reply with quote

I pretty much have it working
the one problem is through sftp on filezilla is u can get to the root directory is there away to stop this ?

I could setup a vsftp server but i thought the less stuff I installed the better.
If i have to I will do this.

The whole point is for me to use it over the inernet.
I have xbmc and samba running on the machine for my home network which serves files to all my family that use wincows machines in the house

Permissions now working perfectly

Thanks for your help
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 31342
Location: 56N 3W

PostPosted: Sun Aug 11, 2013 8:31 pm    Post subject: Reply with quote

gentoo2013,

You can use a chroot - just like when you installed Gentoo
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
gentoo2013
n00b
n00b


Joined: 20 Feb 2013
Posts: 58
Location: United Kigdom

PostPosted: Sun Aug 11, 2013 8:55 pm    Post subject: Reply with quote

A chroot for the user?
How would i go about doing this ?

Thank you so much :)
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 31342
Location: 56N 3W

PostPosted: Sun Aug 11, 2013 9:09 pm    Post subject: Reply with quote

gentoo2013,

Achroot for the program and the data it provides. Google chroot jail.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
gentoo2013
n00b
n00b


Joined: 20 Feb 2013
Posts: 58
Location: United Kigdom

PostPosted: Mon Aug 12, 2013 5:55 pm    Post subject: Reply with quote

Everything seems to be working just playing around with the chroot jail :0
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum