General :: Setting Up Secure Ftp

Aug 3, 2011

setting up secure ftp on linux

View 3 Replies


ADVERTISEMENT

Red Hat :: Setting Up A Secure FTP Site Under RHEL 5.3

Dec 3, 2010

I have recently setup a RHEL 5.3 server primarily to be used as an Apache web server. I also now have a requirement to have this server also service SFTP requests for uploading/downloading files.

1. By default RHEL 5.3 allows SFTP (over TCP port 22). However when searching for SFTP site setup I've come across the fact that RedHat recommends using vsftpd. So if I configure vsftpd, what happens to the default SFTP and the ability to remotely use something like PuTTY to SSH into the server? Really looking to see if SFTP or vsftpd is best. Also, is vsftpd as or more secure than FTP over SSH?

2. I've set aside a separate disk parition (to keep it away from the system partition to help lock down security) for the SFTP site. So I want to use that as the default SFTP root directory structure. How can this be achieved?

3. My requirements dictate 3 separate directories need to be used, each with their own associated SFTP user. The user can only read/write it's own directory structure and cannot navigate out of it. Also there will be a SFTP super user able to navigate through each of the 3 directory structures mentioned, but will not be able to navigate out of it's home directory. Can this be done, if so how?

There will be no SSL certificates in play at the moment. I'm more concerned about getting things setup and working correctly first. However there may be a requirement to use them later. The site will be accessed over the Internet initially, hence the reason I'm looking to make it as secure as possible while getting it up and running quickly.

View 3 Replies View Related

Security :: Setting Up Secure Remote Logins

Jun 17, 2010

I'm trying to secure the CentOS servers on our company network as the current situation is, shall we say, less-than-ideal: remote root logins with the same password across several servers (behind a firewall, on non-standard ports, but still) and several key processes running as root. My proposal to amend this consists of the following:

- setup a bare as possible SSH-gateway with only the normal user accounts to handle remote access
- disable the root login from anywhere else but LOCAL and create special accounts with root permissions for our ~4 system administrators, like admin.foo admin.bar that can only login from inside the company network, using SSH-keys.

So far my biggest obstacle seems to be creating the administrative users, how do I go about and do that? When I simply create a user adminfoo with uid=0 it will show on my shell as root, which makes it useless as a way to make our admins accountable for their actions. BTW, my initial proposal to use sudo unfortunately met with strong resistance, because it compromises usability.

View 7 Replies View Related

Ubuntu Servers :: Setting Up Secure FTP On Internal Network

Mar 8, 2010

I'm running Ubuntu Server 9.10 and I'm looking to setup an FTP server. I have SSH running beautifully and it's accessible from any computer whether it be inside the network or coming in from the internet (provided you have the administrator username and password ). I've tried Proftpd and vsftpd and have failed miserably so far. Which FTP server application do you think I should go with and how could I go about setting it up through my SSH connection?

My current setup is this:
- Ubuntu Server 9.10 with Fixed IP of 192.168.1.100
- 500GB Hard Drive
- SDA1 = 512MB ext2 /boot
- SDA2 = 2GB swap
- SDA3 = 20GB ext4 /
- SDA5 = 438GB ext4 /home
- One User (Username = administrator)
- Full SSH Capabilities
- IP Address to DNS provided by www.dyndns.org
- WRT120N Router with Remote Access and Port 22 Open

I basically want to set up a secure FTP server that anyone on the internal network can access as well as anyone from the internet (as long as they have a username and password). I want to setup a username and password for each user so that they all have read/write access to the same folder in my /home partition (I'll call it FTPSHARE).

View 9 Replies View Related

CentOS 5 Server :: 5.4 - Setting Up Sendmail To Do Secure Email Transmissions

Nov 27, 2009

I'm confused about the sendmail/ssl combination. so confused, i'm not even sure what i'm confused about :) I want to have email sent from our server to the rest of the world in a 'secure' manner. Just dl'ed and installed CentOS5.4: Linux rh5 2.6.18-164.el5xen #1 SMP Thu Sep 3 04:03:03 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux the /etc/mail/sendmail.mc has the instructions

[Code]...

View 2 Replies View Related

Ubuntu Servers :: Setting Up Secure IMAP Email Server That Is Able To Be Accessed From Outside Network?

Jun 9, 2011

Does anyone know how to go about setting up a secure IMAP email server that is able to be accessed from outside the network? Similar to how you can access your google email account from your computer using Thunderbird.

View 3 Replies View Related

Security :: Ways To Secure Sendmail Or Secure Alternatives To Send Mail

Dec 1, 2010

I'm an Oracle DBA and started working for my current employer about 4 months ago. This past weekend an alert re: FS space brought my attention to /var/spool/clientmqueue (full of mail re: cron jobs) and the fact that sendmail is not running on our Linux servers.I'm told that the IT security team deemed sendmail too vulnerable so we don't run it.Aside from FS filling up and missing notification of issues with crontab entries, I'm concerned that we may be missing notification of potential issues. In other Unix/Linux environments I've seen emails from the print daemon when it experienced problems with specific jobs.

Are there other Linux facilities aside from cron and lpd that use email to advise the users of possible issues? Are there ways to secure sendmail or secure alternatives to sendmail? My primary need/desire is to make sure that emails regarding issues on the server get to the appropriate users. Secondary goal would be to have the ability to use mailx to send mail out. There is No need/desire to receive mail from outside.

View 1 Replies View Related

General :: Setting Time And Date / Setting Calendar Format?

May 14, 2010

Have installed Suse 11.2. how can I change the calendar format dd/mm/yyyy and how to configure the system to sync.from an ntp?

View 1 Replies View Related

General :: Network Setting / Change Eth0 Setting?

May 4, 2010

I have a ubuntu server , can advise if I want to change the network setting ( eg. IP address , gateway address etc ) , which one is the configuration file ? for example , if I want to change eth0 setting , what file I should update ?

View 10 Replies View Related

General :: How To Properly Secure Computer

Apr 21, 2011

there are different methods for securing based on home versus professional computers. My questions generally pertains to securing home desktops, but professional protection is definitely welcome :) Knowledge is power. Ever since moving to the wonderful world of Linux a couple years ago, I never even really thought about security. Seeing as most low-life scum make viruses for Windows machines seeing as they're more abundant.But how do I know if I'm safe/secure from anyone who want's to get at me or my stuff. I know that anyone who is determined enough to get in will, there's no question about that. But what steps can I take to ensure I'm protected from things like rogue root shells and automatic attacks? Also, is there a sort of built-in firewall/antivirus in more Linux distros?

I know this question is quite broad seeing as there are tons of ways someone could compromise your system, but maybe you could share what you did to make sure you were safe.I decided to not allow root login via ssh and to change the port is listens on to something random. Hopefully this a step in the right direction. Currently looking at iptables and shutting down services.

View 5 Replies View Related

General :: Secure Erase Of CF Card Over USB?

Aug 9, 2011

I have a CF card I'd like to erase. My CF card reader is connected to my Linux machine via USB. How do I do a secure erase (i.e., the ATA Secure Erase functionality) of the CF card?

I have tried hdparm --security-erase NULL /dev/sdc, but I get an error: ERASE_PREPARE: Invalid exchange. In fact, any hdparm command gives me the same error:

# hdparm -I /dev/sdc
/dev/sdc:
HDIO_DRIVE_CMD(identify) failed: Invalid exchange

I read somewhere that hdparm can't do an ATA Secure Erase of a drive that is connected over USB. Is this true? I tried using sdparm, but sdparm doesn't seem to have the capability to send the ATA Secure Erase command to the CF card. So, what is the proper way to do this?

View 1 Replies View Related

General :: Secure Screenlocking With X And Tty Login

Aug 14, 2011

I choose not to run a login manager on my systems, instead opting for a tty login and then invoking xinit manually (slightly long story, it makes my life a lot easier to have a bunch of environment tweaks that my login shell sets up and has the rest inherit), but this leaves me with a security issue if someone else comes upon my PC, because even if I've locked my X session they can switch to a tty and kill my X session, dropping back to a shell.

I can either

Start running xinit; logout (which still has a race condition issue, if they get another Ctrl+C in before logout is invoked it'll give a shell) Try to disable the tty switching keys in X Wrap xinit in something to catch and ignore the signal from the Ctrl+C

View 1 Replies View Related

General :: Hdparm Secure Erase

Jan 11, 2011

can hdparm do secure erase on just a partition or does it have to be the whole drive?

View 5 Replies View Related

General :: Secure VNC Over SSH Error - RHEL 5.5

Mar 7, 2011

I am trying to do secure VNC over SSH to a remote linux server from my windows PC, but running into this error.

Error: Unable to connect to host: Connection refused (10061)

View 4 Replies View Related

General :: Access Secure OSX Directory

Dec 20, 2010

My better half spilled some coffee on her 8month old macbook and it decided not to work anymore. Apple says it will cost around $800 or more to fix, we wont be paying that, Ill be finding a logic board or service somewhere online now that our warranty is shot and going that route.But before I send the macbook off anywhere I need to pull some data off the HDD. I was able to plug the HDD into my Linux box(internally, I dont have an external enclosure). I was able to mount the drive and copy the directories I wanted to the HDD on my linuxbox.

But Im unable to to access the directory from the terminal or from the file browser, I get an access denied message. Because I know the username and password for the macbook is there a way I can use that to gain access to the directories?Google got me this far, but when I googled "access locked directory ubuntu" or any variation of that with the terms linux and osx thrown in there for good measure.

View 3 Replies View Related

General :: Cannot Open Secure Sites

Mar 3, 2010

I am using Firefox 2.0.0.8 and Opera.Both the browsers can open all sites except secure sites like, URL>..In Firefox I have checked SSL3.0 and TLS1.0.The default Enforcing mode of the OS I have set to 'Permissive'.

View 6 Replies View Related

General :: Use SSH (Secure Shell) Service?

Jun 11, 2010

I want to learn using SSH (Secure Shell) service in linux and connect to SSH server with PuTTY to test some commands, but I have not worked with it yet;

I have Ubuntu 9.04 on my "Virtual Machine" and my host OS is Win.XP and I have installed "OpenSSH server" and "PuTTY" from the ubuntu repository,

Is this action rational? I mean I want to connect from PuTTY on linux(on VM) to the SSH Server on linux?

(Meanwhile, I have no work with the host Windows and just wanna test it on the linux!)

where should I see the "Host Name/Ip Address" of the SSH Server to enter in the PuTTy's dialog? In windows we can use "ipconfig" command to see the IP Addresses, but I don't know what is the command in linx for this purpose?

use SSH Service in ubuntu correctly

View 1 Replies View Related

General :: Secure Coping Of Files Through SCP But Without SSH

Sep 23, 2010

If a user want secure coping of files through scp from one system to another system then how this can be done. This user have only been granted securing coping of files through another system but without ssh.

View 5 Replies View Related

General :: Secure Ubuntu On A Laptop?

Jun 13, 2011

I loaded Ubuntu on a Windows OS laptop and am finally figuring out how to connect wireless. Before I do what can I do that will protect me? I am told I don't need anti-virus. Is this accurate? Also, I want a really secure firewall...not one that an experienced hacker could see and just hop over.

View 3 Replies View Related

General :: Secure Shell/terminal For Ubuntu?

Jul 22, 2010

There are a couple commands I want to run in a terminal that require me to provide my password. I really don't want those commands ending up in any kind of history or anywhere else where they could be seen by someone after the command was run. Are there any shells/terminals for Ubuntu that I could use (or options to bash/zsh/etc) that would give me a secure environment where I don't have to worry about my history being kept?

View 3 Replies View Related

General :: Secure Screen For Use With A Menu Script?

Dec 10, 2010

I'm launching screen with the following command, inside a shell script that is set as a user's shell to keep them from escaping.

screen -dRRq -S ${USER}_MC -s $HOME/runthis.sh

Is there a way to secure screen, to keep the user from being able to even use the escape sequence, or at worst, prevent them from running commands like exec?

Edit: It's not that the user should have access to an actual command-prompt shell. I only want them to be able to run a single program that runs persistently, and as far as I know screen is the easiest way to do that. However, getting out of this is as easy as C-a : exec bash.

Right now I've just unbound most of the keys using .screenrc (especially colon), I just want to make sure I'm not missing something easier.

View 2 Replies View Related

General :: Secure Distro That Sends Traffic Through Tor?

Aug 2, 2011

I'm looking for a live Linux distro that is secure and preserves my anonymity online. For what I need, Tor seems to do the job - but such software requires configuration that someone who is not knowledgeable in how it works might find difficult. I was looking at 'Lightweight portable security' but it does not specify whether it sends all traffic through Tor. Does anyone know more information about it and/or any other such live Linux distro?

View 3 Replies View Related

General :: Cannot Connect To Secure Network (wpa_supplicant)

May 13, 2010

i believe it is a wpa_supplicant problem. running ubuntu 10.04 on a toshiba netbook. i have my account which cannot connect to internet, wicd returns an error that it cannot obtain ip address. cannot even connect to a unesecure network for that matter. if i switch users to another user and do the quick switch users i can get internet then i switched back to my main account and here i am postings. how do i begin to hunt down the problem logs, settings how do some of you begin to hunt down the cause of this and where it would be located.

View 1 Replies View Related

General :: Proxy Connect To Secure Computer W Key?

Nov 25, 2010

I've been searching for the exact set of tools to accomplish what I need. I was once at a LANparty. I used my webmail account and I think someone stole my password. I realized that the LAN used hubs instead of switches.

So next time, I thought I could run a server at home, which would allow me to connect with SSL (??). Then I would be able to connect to whatever website knowing that I was secure between myself and my home computer. I guess I would need to have a key before a secure connection could be made. Otherwise a "man in the middle" kind of exchange could take place.

So I guess I would need a VPN between myself and my home computer. Then my home computer would act as a proxy to allow me to surf securely. I'm not sure if these are the correct terms to use. Does anyone know what type of server I'm looking for?

View 1 Replies View Related

General :: File Share Security The Setup Is Not Secure At All?

Jan 7, 2010

Been messing around with Ubuntu 9.1 for the last few weeks and am loving it so far. Been trying to get in the terminal and learn a little something, to no avail. LOL I have been googling and searching the site today for info on networking. My Linux box is a desktop, with my main HDD mounted with music, and movies and some other stuff. My intent is to network the two laptops in the house (Windows XP and Windows 7) to the Linux box so I can listen to my music and watch movies when not in the office. I have found some info, mostly involving Samba, and plan to install Samba tonight and fiddle with it. My issue was with security. I have read a few posts and they talk about the fact that if you share files in this manner, the set up is not secure at all. Is this something i should really be concerned about? If the folders I share only have my music and videos in them,

View 4 Replies View Related

General :: Secure FTP Of A File To The Root Directory On CentOS?

Nov 2, 2010

I am running WHM and CPANEL on centos.I would like to upload a file to the root user directory. To be honest, my only experience uploading and downloading files with FTP has been with domain related accounts that were set up under WHM to be managed under CPANEL. This is quite simple, because all you do is set FileZilla or Dreamweaver up with the FTP address of the domain account and the username and password.How can I do something similar to FTP a file into the root or home directory?

View 1 Replies View Related

General :: Tell Me A Good GUI Based Tool To Secure PHP Code?

Mar 9, 2010

Can any one tell me a good GUI based tool to secure PHP code . i have tried ioncube but its not GUI based on linux

View 3 Replies View Related

General :: Secure Motherboard And Chip Set To Place In Mini ATX

Jan 31, 2011

Looking to build the first computer system from scratch and I have chosen Linux as my system. Learning about Linux is a must as I would like to get away from MS. Also, building the system will better equip me when I pursue a business venture within the next year or two.I presently take course work in accounting for a bachelor degree, but will attain another degree in software engineering, both from Herzing University. My present skill level in programming?

View 5 Replies View Related

General :: Running Website Using Secure Connection (HTTPS)?

Feb 23, 2010

I have the following details on my system:

- CentOS
- RHEL 5
- WebWare for Python

We have an exisiting website written in Python and was developed by other entities and now being maintained by us. We want to run the website using secure connection (HTTPS), I tried reading this article and successfully executed every instructions but still failed to run the website using HTTPS.

[URL]

The way we run the website is using port 8080, e.g. [URL] I am sure I am missing something here, first, I am still looking on where does the port 8080 comes from since I've checked the httpd.config and it wasn't there.

View 14 Replies View Related

General :: Secure The Usb Port By External Device Connection?

Apr 14, 2010

i want to secure the USB port by any external device connection. so i need the code of detection of an external device when plugged in the USB port.

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved