TurnKey Linux Virtual Appliance Library

FTP with SAMBA VM

I am new to TurnKey Linux VM's and I love them...I have a problem with one of them currently and cannot seem to come up with an answer...so I willposit the scenario as best I can in hopes of attaining a solution.

VM is the File Server found here: http://www.turnkeylinux.org/fileserver

I am the administrator of this system and I can remote into it with my browser and Filezilla and Putty with no limitations that I currently have experienced. I have a user that is trying to create a script that will populate the storage part of this server with data from a another Linux computer...RHEL 5.7. The method of connection to the SAMBA share he is trying to employ is a standard ftp connection...since this is a part of a script...he is telling me that there is a problem with creating this utilizing the sftp connection that works just fine for me a Windows user connecting with Filezilla...but is not working for him because of this secure part...can someone help me to figure out how to make it so he can script a connection to the file server utilizing standard ftp. I have created him a dedicated user account with its home directory the root of the SAMBA share...so he will not be able to climb higher than that in the system. Any help here would be most appreciated.

 

Thanks

Jeremy's picture

In TKL appliances

SFTP is provided by the openssh-server package. It provides both SSH and SFTP (FTP over SSH). For vanilla FTP you will need another package to provide that such as vsftpd. The complication there is that vsftpd is already installed in the Fileserver appliance but is bound to local host (it provides the FTP component of the Fileserver WebUI - ie eXtplorer). If you don't use that you could quite easily reconfigure vsftpd to accept remote connections.

If you do use that bit then I'm not really sure how you'd go about setting it up. You may be able to configure vsftp to do both (but I'm not sure how or even if it's possible). Alternatively you could try installing an alternative FTP app (such as proftpd) but again I'm not sure how you'd go and whether there may be a conflict between vsftpd and proftpd both trying to listen on port 21 (standard FTP port) even though vsftpd is bound to localhost.

For security you may wish to also consider jailing his account, because even though he may not be able to write higher than his home folder, unless he is jailed he will be able to browse higher (in fact possibly browse the whole system depending on his and other user permissions).

So how about this for an idea?

If VSFTP is installed and connected to the eXtplorer...what would happen if I removed it...using whatever form of apt-get to do so...does it remove all files associated with the process of eXtplorer...and thusly...the connection to VSFTP...thusly allowing me to reinstall the VSFTP and use it as a normal ftp client??

 

Where is the VSFTP bound to localhost and is this something I can change? I do not use the eXtplorer at all and would like to use the ftp portion of this program if I can.

I am pretty new to this stuff so if it seems that  I am asking basic questions...please forgive me as I am learning on the fly.

Jeremy's picture

OK, then it should be pretty easy

Considering that you don't use eXtplorer then there is no need to reinstall. You'll just need to reconfigure it. And really it's pretty easy! :)

Have a look at the Ubuntu Server Guide on FTP here. You can skip straight down to the Authenticated section to set up your user. You may also wish to read the Security section (that follows on). There'll you'll be able to easily set up the chroot jail I mentioned above. You'll also note that at the end there are some useful links for further info if need be.

I'm no expert when it comes to vsftpd but I'm fairly handy with Linux stuff so if you have any issues I'm happy to help where I can.

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)