1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Secure ftp without giving shell access

Discussion in 'Plesk for Linux - 8.x and Older' started by ebinc, Apr 17, 2005.

  1. ebinc

    ebinc Guest

    0
     
    Hi

    Is their a way to provide secure ftp, but without allowing shell terminal access?

    I see anyone logged in via ftp can go up a level and see what other domains are hosted on the server

    is their a way to lock their view only to their domain folders?

    also what is the url for a domain setup on a Plesk virtual account (shared ip)
    that will let a client view their website until their domain name propagates?

    Thanks
     
  2. poke

    poke Guest

    0
     
    I have no idea about how to fix this, but, anyone can see what domains are hosted on a box using reverse dns lookup on your IP anyway ....

    www.whois.sc

    -poke
     
  3. etan

    etan Guest

    0
     
    DefaultRoot ~ psacln


    Make sure that is in between your Global settings
    in /usr/local/psa/ftpd/etc/proftpd.conf

    That should lock them to there homedir
     
  4. etan

    etan Guest

    0
     
    no they cant, unless you have PTR records assigned for each of your domains that you host, which you shouldnt

    You should only have one PTR record per ip address.

    check your dns template settings.
     
  5. poke

    poke Guest

    0
     
    www.break.co.nz = 1.1.1.1

    Advanced View of 1.1.1.1

    10 domains found on 1.1.1.1
    Showing all 10.

    Website
    edited



    so what just happened here..... or was you signature not your actual URL

    regards,
    poke
     
  6. etan

    etan Guest

    0
     
    ****, i retract my comment..


    please remove those from your post :)
     
  7. poke

    poke Guest

    0
     
    sorry dude if i exposed your urls ...:p They are removed!!

    peace out,

    poke
     
  8. etan

    etan Guest

    0
     
    interesting it only shows .com domains
     
  9. poke

    poke Guest

    0
     
    Yeah that is interesting.... I looked around whois.sc and didn't see anything on why only .com's appear....

    -poke
     
  10. ebinc

    ebinc Guest

    0
     
    Re: Re: Secure ftp without giving shell access

    I have this, its not stoping ftp users logged in from viewing what domains are hosted on the server


    heres what my file looks like

    ServerName "ProFTPD"
    ServerType inetd
    ServerType inetd
    DefaultServer on
    <Global>
    DefaultRoot ~ psacln
    AllowOverwrite on
    </Global>
    DefaultTransferMode binary
    UseFtpUsers on

    Thanks
    Ed
     
Loading...