bind9, apache 2 & sftp management
 

Hi

* ΔημήτÏ�ης ΖÎ*Ï�βας (01ttouch@gmail.com) [04.09.12 21:48]:
> I would really like to have only SFTP and not any FTP daemon.
> however, if ftp is so much easier, then ok, ftp daemon...

https://wiki.archlinux.org/index.php/SFTP-chroot

this should help for the SFTP only access.

HTH
Sebastian

--
" Religion ist das Opium des Volkes. " | _ ASCII ribbon campaign
Karl Marx | ( ) against HTML e-mail
SEB@STI@N GÃœNTHER | X against M$ attachments
mailto:arch@teageek.de | / www.asciiribbon.org

bind9, apache 2 & sftp management
 

i know that, my problem is "central management" so my users can add their
domains etc.
On Sep 5, 2012 12:21 AM, "Sebastian Günther" <arch@teageek.de> wrote:

>
> Hi
>
> * ΔημήτÏ�ης ΖÎ*Ï�βας (01ttouch@gmail.com) [04.09.12 21:48]:
> > I would really like to have only SFTP and not any FTP daemon.
> > however, if ftp is so much easier, then ok, ftp daemon...
>
> https://wiki.archlinux.org/index.php/SFTP-chroot
>
> this should help for the SFTP only access.
>
> HTH
> Sebastian
>
> --
> " Religion ist das Opium des Volkes. " | _ ASCII ribbon campaign
> Karl Marx | ( ) against HTML e-mail
> SEB@STI@N GÃœNTHER | X against M$ attachments
> mailto:arch@teageek.de | / www.asciiribbon.org
>

bind9, apache 2 & sftp management
 

On Tue, Sep 4, 2012 at 4:59 PM, ΔημήτÏ�ης ΖÎ*Ï�βας <01ttouch@gmail.com> wrote:
> i know that, my problem is "central management" so my users can add their
> domains etc.

http://www.proftpd.org/docs/contrib/mod_sftp.html

... at work we run a setup that uses PAM to authenticate, but the PAM
module ONLY looks at a Django database for users/etc (per a custom PAM
service name) ... then we run proftpd specifically for SFTP-only
access by external vendors. postgres is the DB in use (which, of
course, there is no reason to run anything else because postgres is
phenomenally more powerful and simple than ... others ;-).

the files have been scrubbed (via regex, possibly subtly broken in
process) but it should get you going; things to note as they will
likely need attention:

- targets debian, arch will need uid/gid tweaks, among others?
- requires bcrypt django auth (if used)
- requires pgcrypto for the target DB (if used ^^^^)

... all files are pretty well commented tho. HTH.

https://gist.github.com/3651050

# tree
.
`-- etc
|-- pam.d
| `-- stuff
|-- stuff
| `-- proftpd.conf.head
|-- stuff.pam_pgsql.conf
`-- stuff.proftpd.conf

--

C Anthony

bind9, apache 2 & sftp management
 

hmm, very nice!
thank you!
but about bind & apache?
is there any module so i can manage the from a DB?
--
(\_ /) copy the bunny to your profile
(0.o ) to help him achieve world domination.
(> <) come join the dark side.
/_|_ (we have cookies.)



On Thu, Sep 6, 2012 at 7:06 AM, C Anthony Risinger <anthony@xtfx.me> wrote:

> On Tue, Sep 4, 2012 at 4:59 PM, ΔημήτÏ�ης ΖÎ*Ï�βας <01ttouch@gmail.com>
> wrote:
> > i know that, my problem is "central management" so my users can add their
> > domains etc.
>
> http://www.proftpd.org/docs/contrib/mod_sftp.html
>
> ... at work we run a setup that uses PAM to authenticate, but the PAM
> module ONLY looks at a Django database for users/etc (per a custom PAM
> service name) ... then we run proftpd specifically for SFTP-only
> access by external vendors. postgres is the DB in use (which, of
> course, there is no reason to run anything else because postgres is
> phenomenally more powerful and simple than ... others ;-).
>
> the files have been scrubbed (via regex, possibly subtly broken in
> process) but it should get you going; things to note as they will
> likely need attention:
>
> - targets debian, arch will need uid/gid tweaks, among others?
> - requires bcrypt django auth (if used)
> - requires pgcrypto for the target DB (if used ^^^^)
>
> ... all files are pretty well commented tho. HTH.
>
> https://gist.github.com/3651050
>
> # tree
> .
> `-- etc
> |-- pam.d
> | `-- stuff
> |-- stuff
> | `-- proftpd.conf.head
> |-- stuff.pam_pgsql.conf
> `-- stuff.proftpd.conf
>
> --
>
> C Anthony
>

bind9, apache 2 & sftp management
 

ok, i found the solution!
I use powerdns & mod_dbd_mysql (I will also you pam with mysql)
I develop an ncurses based panel to control the domain records

--
(\_ /) copy the bunny to your profile
(0.o ) to help him achieve world domination.
(> <) come join the dark side.
/_|_ (we have cookies.)



On Thu, Sep 6, 2012 at 11:36 AM, ΔημήτÏ�ης ΖÎ*Ï�βας <01ttouch@gmail.com> wrote:

> hmm, very nice!
> thank you!
> but about bind & apache?
> is there any module so i can manage the from a DB?
>
> --
> (\_ /) copy the bunny to your profile
> (0.o ) to help him achieve world domination.
> (> <) come join the dark side.
> /_|_ (we have cookies.)
>
>
>
> On Thu, Sep 6, 2012 at 7:06 AM, C Anthony Risinger <anthony@xtfx.me>wrote:
>
>> On Tue, Sep 4, 2012 at 4:59 PM, ΔημήτÏ�ης ΖÎ*Ï�βας <01ttouch@gmail.com>
>> wrote:
>> > i know that, my problem is "central management" so my users can add
>> their
>> > domains etc.
>>
>> http://www.proftpd.org/docs/contrib/mod_sftp.html
>>
>> ... at work we run a setup that uses PAM to authenticate, but the PAM
>> module ONLY looks at a Django database for users/etc (per a custom PAM
>> service name) ... then we run proftpd specifically for SFTP-only
>> access by external vendors. postgres is the DB in use (which, of
>> course, there is no reason to run anything else because postgres is
>> phenomenally more powerful and simple than ... others ;-).
>>
>> the files have been scrubbed (via regex, possibly subtly broken in
>> process) but it should get you going; things to note as they will
>> likely need attention:
>>
>> - targets debian, arch will need uid/gid tweaks, among others?
>> - requires bcrypt django auth (if used)
>> - requires pgcrypto for the target DB (if used ^^^^)
>>
>> ... all files are pretty well commented tho. HTH.
>>
>> https://gist.github.com/3651050
>>
>> # tree
>> .
>> `-- etc
>> |-- pam.d
>> | `-- stuff
>> |-- stuff
>> | `-- proftpd.conf.head
>> |-- stuff.pam_pgsql.conf
>> `-- stuff.proftpd.conf
>>
>> --
>>
>> C Anthony
>>
>
>