I've searched a lot of websites and have found no answers. How can I create just a normal FTP account (which can be used on Port 22 for Filezilla aswell as the SSH) that is in the folder "/home/hisname"? I want it to only be able to make files in that directory and run them, and make it so he can't mess with any other parts of the system.
I've really been searching all morning. Please help.
As long as you have an FTP server installed, a regular user should be able to use it in authenticated mode - no special qualities needed.
https://help.ubuntu.com/10.04/serverguide/ftp-server.html
This depends on which ftp daemon you use. Normally, FTP accounts are just the normal accounts you use to log in to your machine. You can change a standard user's login directory by modifying /etc/passwd, for example, or when creating the new user.
Related
Have the machine list in the network. Changed a user, adding them to a group to give write permissions on a directory.
User still cannot make changes in directory, probably because the winows client is still logged in.
Is there a way to log the user out of the Samba connection without rebooting the machines? That seems a bit drastic.
The problem was the windows user could not write to the samba share.
A partial solution was to add that user to the group in question.
The other part of the solution was to add
writable = yes
to the smb.conf and restart samba, which immediately gave write access to the user.
The solution was not in the reboot.
I tried searching on net for hours but couldn't get any useful answer. It would be of great help if I could be provided with a code accomplishing this.
I have IP address of a remote server which is password protected (it needs user name and password to login)
I need to write a code in VB.NET that creates a folder in this remote server and copies a file from local server (in which the code is executing) to the remote server.
thanks in advance
This is not technically possible, its a way of hacking.
Thats why we have other technology to do it i.e. FTP, SFTP, Webdav.
I would suggest you to do same, use either of above technologies and do your stuff.
I need to use nodejs to write file to a password protected shared folder on a remote machine running Windows server 2008 r2, how can I do impersonation things within nodejs like .net app does?
Thx in advance!!!
PS:
Sorry for the unclear description. The folder is set to shared across the internal network on the remote windows server system, the folder is set to "readonly" for the windows account explicitly created by the admin. The nodejs server is on the same internal network and need to access the remote shared folder, thus I think nodejs need to impersonate the windows account on the remote machine to read contents from the shared folder. My question is how to do the sorry for the unclear description. The folder is set to shared across the internal network on the remote windows server system, the folder is set to "readonly" for the windows account explicitly created by the admin. The nodejs server is on the same internal network and need to access the remote shared folder, thus I think nodejs need to impersonate the windows account on the remote machine to read contents from the shared folder. My question is how to do the impersonation stuff for nodejs?
Late to the party - but since there is no accepted answer...
You'll need to launch your node process using the account that has access to the network share. How this is done differs based on your setup. For example, if you're runnning node on a lLinux server trying to connect to the remote Windows server, then it's not going to be straightforward with node.
However; if you're running node on a Windows server, trying to connect to a remote share on another Windows server (which is what it sounds like your situation probably is). Again, you'll have to run your node script as a user with access to the remote share. If you need to do it from code, I'd suggest taking a look at my module node-windows. It doesn't provide remote share access specifically, but it will allow you to run command line code with a different account from within your node script.
After a long research here on Stackoverflow and on net I didn't found nothing talking about it. As the title say, how can I do that?
For example: I am owner of a hosted website that allow me to manage the database via PhpMyAdmin. When I try to connect to my database via prompt, the connection never go fine. It could be because of OS settings (right?).
How can I do that (in both OSs).
Thanks in advance.
If I understand your question correctly:
You have a website with a MySql database hosted on your providers servers.
When you try to use your local PC installation of MySql from a command prompt, it will not let you connect.
I use dreamhost.com and have a similar setup. If I want to use database tools from my local PC to connect to the database, I have to enter my IP address in the db configuration page under "allowed hosts".
Restricting remote database connections to specific IP addresses protects your database from random hacking attempts.
As for your question about restricting command line execution of a program, that is usually just caused by missing configuration information in the environment variables - leaving the path to the executable out of the PATH variable is a common one. You would still be able to run the program if you enter the full path to it.
It really depends on the error message you get when trying to run the program from the command line.
I've had a FTP server (Mac OS X, but not the server version) set up for a while where the users are virtual, i.e. they are not actual user accounts in the server's OS, but accounts handled by the FTP server software -- to the OS they all look like the ftp user account. I'd like to retire the FTP server software and go SFTP instead.
Is there a way to set up SFTP/SSH so that I can create virtual users and at the same time sandbox them?
The reason I want virtual users is because I add and remove accounts from time to time, and doing that with proper user accounts tend to get messy, and I don't know of a good way to sandbox them. There's always some files left and each user has their own user directory (with a lot of files only relevant if they would actually log on to the machine when sitting in front of it), which is quarantined when the account is removed, so you have to remove it by hand yourself, and so on.
The usual generic Unix answer to this is 'PAM'. If you want plain old OpenSSH SSHD to handle your SFTP, you need something plugged in to SSHD's PAM stack (/etc/pam.d/sshd) that does what you need and leaves out what you don't need. This might be a general-purpose directory server (probably LDAP) that maps all your virtual users to one home directory and gives them a restricted or scponly kind of shell.
If you want to look at FTP servers that can also do FTP-ssl (which is not the same as SFTP), good ftp servers like Pure-ftpd or vsftp will do that. FTP-ssl servers have simpler virtual user support.
http://www.bsdguides.org/guides/freebsd/networking/pure-ftpd_virtual_users.php
If you're open to commercial products, VShell Server from Van Dyke Software is available on Unix/Linux/Windows, supports virtual users (multiple backends) with SSH and SFTP protocols:
VShell Server
JSCAPE SFTP Server is a commercial, cross-platform server that does what you want.
http://www.jscape.com/
I know, sounds like I work for them, but I don't :)
There is sftpgo which supports virtual users and much more.