Remote user file system access

February 07th, 2011 - 05:36 am ET by Mario M. Mueller
Hi,

I'm looking for an ftp replacement for security reasons. Until now I have used
proftpd with the following features:

1. virtual users (MySQL managed)
2. per user quotas (also MySQL managed)
3. chroot to "virtual home"

If I want to add encryption I step into the following issues:

In general:

FTPS: client side firewall issues
SFTP: chroot issues
WEBDAVS: unstable on big files

Other issues:

1. FTPS with proftpd:
- package broken on lucid (https://bugs.launchpad.net/bugs/580512)

2. SFTP with proftpd:
- third party module, not enabled in lucid
- I don't know if quotas work anymore

3. SFTP with openssh:
- chroot only if using a jail
- no quotas I think

So, does anyone know an access system fulfilling the three "features"
plus "issue-less" encryption? User management must not necessarily use
MySQL, but I need non-system users.

If possible, I don't want to compile software on my own (discarding the
system's package/update management).

Mario

Replies

#1 DarwinSurvivor
February 09th, 2011 - 04:44 am ET
On 02/07/2011 02:36 AM, Mario M. Mueller wrote:
> Hi,
>
> I'm looking for an ftp replacement for security reasons. Until now I have used
> proftpd with the following features:
>
> 1. virtual users (MySQL managed)
> 2. per user quotas (also MySQL managed)
> 3. chroot to "virtual home"
>
> If I want to add encryption I step into the following issues:
>
> In general:
>
> FTPS: client side firewall issues
> SFTP: chroot issues
> WEBDAVS: unstable on big files
>
> Other issues:
>
> 1. FTPS with proftpd:
> - package broken on lucid (https://bugs.launchpad.net/bugs/580512)
>
> 2. SFTP with proftpd:
> - third party module, not enabled in lucid
> - I don't know if quotas work anymore
>
> 3. SFTP with openssh:
> - chroot only if using a jail
> - no quotas I think
>
> So, does anyone know an access system fulfilling the three "features"
> plus "issue-less" encryption? User management must not necessarily use
> MySQL, but I need non-system users.
>
> If possible, I don't want to compile software on my own (discarding the
> system's package/update management).
>
> Mario

Look into NFS and/or Samba. They are designed for large files, can
accommodate non-system users and I'm pretty sure you can use quotas.

The only thing I don't like about it is that you can't (at least as far
as *I* can find) use PKI for authentication.


~Doug
