The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

is ftp secure ?

Discussion in 'General Discussion' started by Radio_Head, Nov 10, 2002.

  1. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    One of my client is writing me that ftp is unsecure such as ssh .
    He is writing me that with ftp he is able to browse other accounts such as using ssh (!) . Is it true ?


    Thanks
     
  2. Shurik

    Shurik Member

    Joined:
    Jun 13, 2002
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    FTP accessibility depend on properties of askable folder.
    These are mode, owner and group of folder.
    If these attributes are configured rightly FTP user have access to his individual folder only and cannot browse other users' folders.

    There is to possible to configure SSH as ordinary user have access to his folders only.
    I configured it so as user can change directory to not his one but he can't browse this folder (he see no files in this folder even they are present).

    It is necessary to manipulate directory user and group.

    www.hostony.com
    The Best web shared, dedicated and outsourced hosting.
     
  3. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    FTP is insecure and it is possible to connect using sftp. Normally ou need a client that supports sftp, nothing special is necessarily required on your part, as far as I know.
     
  4. pkgeev01

    pkgeev01 Registered

    Joined:
    Mar 18, 2002
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Quick Fix

    By default if you are using ProFtpd, it allows users to browse outside their &home& directory. To prevent this add this line to the proftpd.conf file.

    DefaultRoot ~
     
  5. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    [quote:1437a64f9e][i:1437a64f9e]Originally posted by pkgeev01[/i:1437a64f9e]

    By default if you are using ProFtpd, it allows users to browse outside their &home& directory. To prevent this add this line to the proftpd.conf file.

    DefaultRoot ~

    [/quote:1437a64f9e]

    I noticed that I have DefaultRoot ~ on every ftp account .
    However I have still some doubt to be safe .
     
  6. bmcpanel

    bmcpanel Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    546
    Likes Received:
    0
    Trophy Points:
    16
    Maybe your client is looking at their &sub-root& files and they only &think& they are outside their home directory.
     
Loading...

Share This Page