Servicios

Web hosting
Ver »
Páginas Web
Ver »
Soporte UNIX
Ver »
UNIX TIPS
Ver »

Setup Anonymous FTP

Anonymous FTP Should be considered a security concern and should be enabled only if it is absolutely necessary. Also, to allow FTP to work properly in a chroot environment, make sure that the file system containing the FTP home directory is not mounted as nosuid.

  1. Crear la esctructura de directorio FTP home directory: 
    mkdir /export/ftp/pub
    mkdir /export/ftp/bin
    mkdir /export/ftp/dev
    mkdir /export/ftp/etc
    mkdir /export/ftp/usr
    mkdir /export/ftp/usr/lib
  2. Copiar el binario de ls comand al  FTP bin directory: 
    cp /usr/bin/ls /export/ftp/bin
    chmod 111 /export/ftp/bin/ls
  3. Copiar librerias necesarias dentro del  FTP directory: 
    cp /usr/lib/ld.so* /export/ftp/usr/lib
    cp /usr/lib/libc.so.1 /usr/lib/libdl.so.1 /export/ftp/usr/lib
    cp /usr/lib/libintl.so.1 usr/lib/libw.so.1 /export/ftp/usr/lib
    cp /etc/passwd /etc/group /etc/netconfig /export/ftp/etc
  4. Copiar archivos necesarios dentro del FTP directory structure a resolver  NIS names: 
    cp /usr/lib/nss*.so.1 /export/ftp/usr/lib
    cp /usr/lib/libnsl.so.1 /export/ftp/usr/lib
    cp /usr/lib/straddr.so /export/ftp/usr/lib
    cp /etc/nsswitch.conf /export/ftp/etc
  5. Asignar permisos en  /export/ftp/usr/lib y /export/ftp/etc directories: 
    chmod 555 /export/ftp/usr/lib/*
    chmod 444 /export/ftp/etc/*
  6. Asignar permisos a los directorios creados: 
    chmod 555 /export/ftp/usr/lib
    chmod 555 /export/ftp/usr
    chmod 555 /export/ftp/bin
    chmod 555 /export/ftp/dev
    chmod 555 /export/ftp/etc
    chmod 755 /export/ftp/pub
    chmod 555 /export/ftp
  7. Agregar la siguiente linea en  /etc/passwd file: 
    ftp:x:30000:30000:Anonymous FTP:/export/ftp:/bin/false
  8. Agregar la siguiente linea en  /etc/shadow file: 
    ftp:NP:6445::::
  9. Asegurar permisos sean propiedad de root y no de FTP: 
    chown -R root /export/ftp
  10.  Enjoy

Regresar

Random TIPS

CONVERT OpenSSH KEY TO SSH2 KEY

Run the OpenSSH version of ssh-keygen on your OpenSSH public key to convert it into the format needed by SSH2 on the remote machine. This must be done on the system running OpenSSH.
#ssh-keygen -e -f ~/.ssh/id_dsa.pub > ~/.ssh/id_dsa_ssh2.pub

CONVERT SSH2 KEY TO OpenSSH KEY

Run the OpenSSH version of ssh-keygen on your ssh2 public key to convert it into the format needed by OpenSSH.
This needs to be done on the system running OpenSSH.
#ssh-keygen -i -f ~/.ssh/id_dsa_1024_a.pub > ~/.ssh/id_dsa_1024_a_openssh.pub

free counters