[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Xserve, FTP Server solution.

Subject: Re: Xserve, FTP Server solution.
From: Dan Shoop <email@hidden>
Date: Wed, 27 Oct 2004 19:44:30 -0400
Delivered-to: email@hidden
Delivered-to: email@hidden

At 11:16 AM -0700 10/27/04, Chuck Theobald wrote:

Jon,
We had problems making the stock OS X ftp server actually work, it would crash on each connect attempt. Also, since it (xftpd) is based on wu-ftpd, known for past security problems, we had security concerns. We replaced the stock xftpd with PureFTPD. In retrospect, I probably would have gone with proftpd instead for more product maturity and richer configuration options. The downside is that the GUI seems hardwired for xftpd, so configuration will need to be done with an actual text editor (your favorite, or vi ;-) ). It can be made to start on demand by editing the file /etc/xinetd.d/ftp.

If you plan on supporting a lot of FTP traffic you'll do best to run the FTPd server stand alone.

The upside is proftpd can be made to authenticate against Open Directory (OpenLDAP with Apple mods) via pam, so you can manage user accounts in the Workgroup Manager.

ProFTP can authenticate MANY different ways. In ISP scenarios RADIUS gets a lot of attention too.

The setup you describe could easily be replicated with some shell scripting to create the directories and set permissions and/or restoring from your backups to the OS X server.

Except that they aren't necessary since ProFTP can create directories on the fly for new users at their first login.

Since the poster wanted a place for mail spools too, these should then be separated. (Why do you need FTP access to your mailboxen? The luser will just fuxor it.)

--

-dhan

------------------------------------------------------------------------
Dan Shoop                                              email@hidden
Consulting Internet Architect                              email@hidden
AIM: iWiring                                     http://www.iwiring.net/
Skype: danshoop                                   http://www.ustsvs.com/

pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF  12B1 7840 3BE7 3736 DE0B

iWiring designs and supports Internet systems and networks based on
Mac OS X, unix, and Open Source application technologies and offers
24x7, guaranteed support to registered clients, at affordable rates.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden

References:
	>Re: Xserve, FTP Server solution. (From: Chuck Theobald <email@hidden>)

Prev by Date: Re: Read/Write for ALL windows users
Next by Date: Re: System log MAC addresses changes with strange IP address?
Previous by thread: Re: Xserve, FTP Server solution.
Next by thread: RE: Xserve, FTP Server solution.
Index(es):
- Date
- Thread

Home