FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 01-08-2010, 08:52 PM
Dotan Cohen
 
Default Disallow other users from reading my $HOME

> In addition to using chmod as suggested by others, for securing
> your files, why not try using encfs on directories that you *really* want
> to protect from prying eyes? The added bonus is even root cannot see
> those files and booting off a cd also will not let others look at
> your files.
>

Thanks for the idea. I do not need that level of security, I just want
to open another account on this machine so that my neighbour can send
me pics of our daughters' joint birthday party over wifi! I like
having the security that if some component of this machine breaks, I
can mount the drive anywhere and recover the data.

--
Dotan Cohen

http://what-is-what.com
http://gibberish.co.il


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-08-2010, 09:42 PM
green
 
Default Disallow other users from reading my $HOME

Dotan Cohen wrote at 2010-01-08 15:52 -0600:
> > In addition to using chmod as suggested by others, for securing
> > your files, why not try using encfs on directories that you *really* want
> > to protect from prying eyes? The added bonus is even root cannot see
> > those files and booting off a cd also will not let others look at
> > your files.
>
> Thanks for the idea. I do not need that level of security, I just want
> to open another account on this machine so that my neighbour can send
> me pics of our daughters' joint birthday party over wifi! I like
> having the security that if some component of this machine breaks, I
> can mount the drive anywhere and recover the data.

Have you considered Samba? I think you can set up a password-protected or
public share without adding a user to the system.
 
Old 01-08-2010, 09:58 PM
Dotan Cohen
 
Default Disallow other users from reading my $HOME

> Have you considered Samba? *I think you can set up a password-protected or
> public share without adding a user to the system.
>

Does that work over wifi? I figured that I would just give him the
password to the already-existing "guest" user on this system and let
him SSH in. He can figure out what to do with Putty on his Windows
machine, I'm sure.


--
Dotan Cohen

http://what-is-what.com
http://gibberish.co.il


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-09-2010, 03:57 AM
green
 
Default Disallow other users from reading my $HOME

Dotan Cohen wrote at 2010-01-08 16:58 -0600:
> > Have you considered Samba? *I think you can set up a password-protected or
> > public share without adding a user to the system.
>
> Does that work over wifi?

Certainly. If your computer is on the same network as his (both connected to
the same access point), Windows should list your computer in "Network Places"
or somesuch. Or just use "Map Network Drive" and the address
"<yourip><sharename>".

> I figured that I would just give him the
> password to the already-existing "guest" user on this system and let
> him SSH in. He can figure out what to do with Putty on his Windows
> machine, I'm sure.

I would consider Samba to be more secure (other thoughts anyone?); I feel
cautious about giving someone a network-accessible shell.

Samba will limit access to a specific folder.
 
Old 01-09-2010, 10:03 PM
Andrei Popescu
 
Default Disallow other users from reading my $HOME

On Wed,06.Jan.10, 15:11:17, Bob McGowan wrote:

> And 700 is not excessively paranoid. Since anyone can belong to a
> group, it is possible for the "personal" group to have other names added
> to it. Using 700 guarantees they have no access, if this should happen.

Only root can do that and if you don't trust root on a system nothing
will help.

Regards,
Andrei
--
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
 
Old 01-09-2010, 10:05 PM
Andrei Popescu
 
Default Disallow other users from reading my $HOME

On Fri,08.Jan.10, 22:57:50, green wrote:
>
> I would consider Samba to be more secure (other thoughts anyone?); I feel
> cautious about giving someone a network-accessible shell.
>
> Samba will limit access to a specific folder.

There are various ways to limit access to sftp only if an additional
server is not desired and speed is not an issue.

Regards,
Andrei
--
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
 
Old 01-18-2010, 11:31 AM
Dotan Cohen
 
Default Disallow other users from reading my $HOME

2010/1/10 Andrei Popescu <andreimpopescu@gmail.com>:
> On Fri,08.Jan.10, 22:57:50, green wrote:
>>
>> I would consider Samba to be more secure (other thoughts anyone?); I feel
>> cautious about giving someone a network-accessible shell.
>>
>> Samba will limit access to a specific folder.
>
> There are various ways to limit access to sftp only if an additional
> server is not desired and speed is not an issue.
>

Speed is an issue (transfering gigs), but if it is not excessively
slow than we could live with it. What are the various ways? I have
googled a bit, but found nothing better than a simple user account for
him.

--
Dotan Cohen

http://what-is-what.com
http://gibberish.co.il


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-18-2010, 12:31 PM
Andrei Popescu
 
Default Disallow other users from reading my $HOME

On Mon,18.Jan.10, 14:31:59, Dotan Cohen wrote:

> > There are various ways to limit access to sftp only if an additional
> > server is not desired and speed is not an issue.
>
> Speed is an issue (transfering gigs), but if it is not excessively
> slow than we could live with it. What are the various ways? I have
> googled a bit, but found nothing better than a simple user account for
> him.

I was thinking about scponly. Also the speed can be improved if you tune
the encryption/compression options.

Regards,
Andrei
--
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
 

Thread Tools




All times are GMT. The time now is 10:15 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org