SUMMARY: Not so Anonymous FTP

From: Alex Goncharov (qa43ag@elvis.nwac.sea06.navy.mil)
Date: Wed Dec 07 1994 - 02:49:16 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Dear Sun-managers,

My original question:
______________________________________________________________________________

Sun-managers,

Hardware: SUN690
Software: Solaris 2.3 with multiple patches

Summary:

I have installed an Anonymous FTP on our system it works great, we use it
to collect different data from different companies. But my management is
concerned that the companies that compete for our business are able to see
and get each others data when they use our Anonymous FTP site.

I have also tried to give different restricted shell accounts to different
companies but the problem with restricted shell is that it does not allow
ftp connection. There is a way around it but it is cumbersome.

Question:

Is there a way to set up Not so Anonymous FTP where the user is required to
use a unique login and a password to transfer the data to our site, but at
the same time he/she will be limited to his/her directory only, where he/she
can not go around and explore our system.

Please advise, and if you can think of any other implementation or any utility
that can be used to accomplish this task please mention it.
Thanks Alex

______________________________________________________________________________

SOLUTION:

Thanks for the many responses I received.

1. 95% of the responses suggested using wu-ftpd-2.4.tar.Z
2. 4% of the responses suggested using remote shell method
3. 1% of the responses suggested other solutions

I decided to use wu-ftpd-2.4 as my solution. I used archie to find wu-ftpd-
2.4.tar.Z file. After changing few minor entries in the make files I was able
to compile it using GNU C compiler. The wu-ftpd daemon allows me to have
annonymous ftp and guest accounts for each independent site. Guest users are
just like annonymous ftp users except they have to provide login and password.
I provided logins and passwords for each site and now different companies that
transfer their data can't see or get each others files. To make the data that
gets transfered to my site even more secure I have used pgp encryption program
which is also available on the internet.

________________________________________________________________________________

N.W.A.D
Alex Goncharov
Electronics Engineer / Systems Administrator
qa43ag@elvis.nwac.sea06.navy.mil

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:09:16 CDT