The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disabling root access via Ftp??

Discussion in 'General Discussion' started by damainman, Jan 29, 2004.

  1. damainman

    damainman Well-Known Member

    Joined:
    Nov 13, 2003
    Messages:
    515
    Likes Received:
    0
    Trophy Points:
    16
    I'm using pureftp and last night someone was trying to access root via ftp, but was unsuccessful. I was told that pureftp doesn't have anything by default that would prevent someone logging in to root.

    So i'm curious.. is this true or not?
     
  2. cortices

    cortices Well-Known Member

    Joined:
    Mar 10, 2003
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Dallas, TX
    Add root to /etc/ftpusers.

    Any user listed in this file will not be able to FTP to your server. This is a standard which all FTP servers conform to.
     
  3. roax66

    roax66 Well-Known Member

    Joined:
    Jan 21, 2004
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    On the contrary

    On the contrary I would like to access my server (which is using Pureftp) by logging in as root and also to be able to view the complete directory tree. From beginning on my server it is neither possible to log in as root nor to view the complete directory tree.
     
  4. cortices

    cortices Well-Known Member

    Joined:
    Mar 10, 2003
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Dallas, TX
    On the contrary? If you are not able to login as root, then root is probably already in /etc/ftpusers. A few distributions follow this by default, as do some datacenters.

    Of course, this is as it should be. There is absolutely no excuse for logging into FTP or any other service for that matter with root. FTP is especially bad because it transmits passwords in clear text.
     
  5. webolocity

    webolocity Well-Known Member

    Joined:
    Jul 22, 2003
    Messages:
    78
    Likes Received:
    0
    Trophy Points:
    6
    SSH Program

    If you want a good program which uses SSH and allows for both view of trees (such as in FTP), as well as switching to shell, try this one.

    http://www.ssh.com/

    It is not free. but it works well, and utilizes SSH instead of in-secure FTP.

    Hope this helps.
     
  6. joako

    joako Well-Known Member

    Joined:
    Aug 7, 2003
    Messages:
    97
    Likes Received:
    2
    Trophy Points:
    8
    What do you do when you have to login as another user first and then SU as root? I cant seem to find an SU option in the program (I've been using it for quite a while..)
     
  7. roax66

    roax66 Well-Known Member

    Joined:
    Jan 21, 2004
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    No, root is not in my /etc/ftpusers. I get a Authentication failed in my WS_ftp.
     
  8. webolocity

    webolocity Well-Known Member

    Joined:
    Jul 22, 2003
    Messages:
    78
    Likes Received:
    0
    Trophy Points:
    6
    Re: ssh.com program

    --------------------------------------------------------------------
    Re: "What do you do when you have to login as another user first and then SU as root? I cant seem to find an SU option in the program (I've been using it for quite a while..)"
    -------------------------------------------------------------------

    We use it to login as root since it uses SSH, and we give no other accounts shell access.

    What I would try is to sign on as the user via the ftp part, and than connect to the shell part using the toggle at the top, su as root, than use the toggle again to go back to the FTP part, and see if it than has you as root.

    I would close out the FTP part, after you have gone to shell, so that it would need to be re-opened when you use the link to get back to that part of the program (after you have used su to root in shell).

    Usually, when you use the icon, after signing into shell you are not required to log in again, so maybe it would not require a re-login to the FTP portion as well.

    Hope that works for you.
     
    #8 webolocity, Jan 31, 2004
    Last edited: Jan 31, 2004
  9. touma

    touma Member

    Joined:
    Apr 13, 2004
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    São Paulo - Brasil
  10. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
    I recently switched to Pureftpd, but the /etc/ftpusers file doesn't seem to have any effect with Pureftpd

    When I try to log in with a username listed in /etc/ftpusers I get this message :

    331 User test OK. Password required

    Can someone verify this?

    Other things I noticed:

    - pureftpd doesn't log failed attempts to /var/log/secure (proftpd does)
    - the shell command 'last' doesn't show any users who logged in with ftp
     
    #10 jamesbond, Jul 25, 2005
    Last edited: Jul 25, 2005
Loading...

Share This Page