mhall119 | depends on the protocol | 00:02 |
---|---|---|
* mhall119 assumes you're talking network printing | 00:02 | |
RoAkSoAx | itnet7: ping | 00:24 |
Chloric | evening fellas | 00:43 |
itnet7 | RoAkSoAx: pong | 15:08 |
RoAkSoAx | itnet7: pm | 15:14 |
mhall119 | morning itnet7 | 15:14 |
mhall119 | and RoAkSoAx | 15:14 |
DammitJim | morning | 15:21 |
RoAkSoAx | morning mhall119 :) | 15:27 |
itnet7 | hey there mhall119 ! | 15:28 |
reya276 | Morning everyone | 15:33 |
itnet7 | Morning reya276 ! | 15:35 |
itnet7 | Hope things get better today, read you FB post | 15:35 |
reya276 | LOL, yeah me too man | 15:36 |
itnet7 | read you/read your/s/ | 15:36 |
reya276 | feel like total junk today | 15:36 |
itnet7 | Sorry to hear that | 15:36 |
reya276 | itnet7, do you know of a good guide to setup an ssh/SFTP for clients to connect to a Ubuntu server and Download/Upload files to | 15:37 |
itnet7 | reya276: I think there are some really good Server Community Documents that are pretty straightforward, let me see if I can find some links | 15:38 |
reya276 | ah cool, thanks. I'm actually looking in there now but I don't see anything like what I want to do. I know that at some point when I was a total newbie with Ubuntu I saw something where you could sertup OpenSSH with Mysql and use to allow clients to connect | 15:40 |
maxolasersquad | reya276: sudo apt-get install ssh | 15:46 |
maxolasersquad | Then any user on that machine can connect remotely. ssh user@host | 15:46 |
reya276 | oh yeah I got OpenSSH install already, but I need to know how to add multiple users kind a like a an SFTP | 15:46 |
reya276 | without having to create system accounts | 15:47 |
maxolasersquad | The same way you add any other user to your ubuntu machine | 15:47 |
maxolasersquad | You could create a guest account, and then ask for ssh keys. | 15:47 |
reya276 | right but then that would create multiple accounts on the server | 15:47 |
maxolasersquad | But that would bypass any sort of seperation of users. | 15:47 |
reya276 | I know there is a way to do it with mySQL | 15:47 |
maxolasersquad | Assuming that seperation of users is desirable. | 15:47 |
maxolasersquad | ssh, at its core, allows users of a Unix machine to connect remotely. I don't think there's any way for someone to connect to a machine over ssh without a user account. Then again, ssh is pretty powerful and I don't even begin to know all of its uses. | 15:48 |
reya276 | what I have also is that while a user is logged on to the server they can see other users home dir | 15:49 |
reya276 | and see their files and folders | 15:49 |
reya276 | oh wait can I create a group called external users and then make them part of that group then can I allow them to only see their files/folders | 15:50 |
mhall119 | reya276: ssh requires a shell program, but I seem to recall that there is a special one that can be used to only allow SFTP, without being able to browse other people's stuff | 15:54 |
mhall119 | reya276: check out http://www.pizzashack.org/rssh/ it might do what you want | 15:55 |
reya276 | yeah is called mySecureShell but the connection on that is way slow | 15:55 |
reya276 | oh this is something new, thanks | 15:56 |
reya276 | ok is there a way to create users so that they can only see their user files/folders but no other users? | 16:00 |
maxolasersquad | I believe that SFTP is its own protocol that doesn't necessarily have anything to do with FTP or SSH. IIRC, SFTP is a means of transfering files over a secure connection, but it is not FTP over SSH. | 16:00 |
maxolasersquad | Though, I could be wrong. | 16:00 |
mhall119 | reya276: yeah, chroot jails, it mentions them in the FAQ of that program | 16:00 |
mhall119 | maxolasersquad: SFTP is tied to SSH, but different from FTP | 16:01 |
maxolasersquad | mhall119: Thanks. | 16:01 |
mhall119 | you are corrent that it is not FTP over SSH, it is a different protocol, but it does run over SSH | 16:01 |
mhall119 | FTPS (confusingly enough) _is_ the FTP protocol over SSL | 16:01 |
reya276 | yeah but that app says there are pontential security risk and I'm not that good at configuring things | 16:01 |
reya276 | the default ssh setup right now is secure tight and all I really need to is to not let users see each others files/folders | 16:02 |
reya276 | ssh conn is fine for them to use as they will be using WinSCP to connect or any other SSH client they can configure | 16:03 |
reya276 | we have a similar setup but is tied to our Ubuntu email server and that server is slow as hell due to it being so old | 16:04 |
reya276 | it's a Dell 2650 | 16:04 |
=== jussi01_ is now known as jussi | ||
reya276 | Ah I figured it out, if you set the permissions to sudo chmod -R 700 /home/<userdir> it will only allow that particular user to see his files and folders no one else will be able to see them. | 17:39 |
reya276 | and then on the SSH Server for maximum security you set the Allow Root login to NO and then create a group for the users whom will be connecting, make them part of that group and then on the... | 17:41 |
reya276 | SSH server you "Allow all Users from X group" to connect as well as "Allow individual X user" to connect and there yah got a nice and tight SSH with no slowdown | 17:42 |
reya276 | as long as those SSH keys hold one should be OK | 17:42 |
reya276 | Also it is best to have a Hardware Firewall not a software one, or if you can have both would be even better | 17:43 |
maxolasersquad | reya276: IMHO software firewalls are just for outbound protection. Inbound should be done with a hardware solution. | 17:48 |
maxolasersquad | And a NAT solution will take care of most of your inbound needs. | 17:49 |
reya276 | exactly | 17:49 |
reya276 | which is why I suggested both | 17:49 |
reya276 | but Hardware one is just fine too | 17:50 |
reya276 | as long as it is a good one' | 17:50 |
maxolasersquad | I only roll with a hardware firewall. I'm not too concerned with outbound security. | 17:51 |
maxolasersquad | Which is just a personal preference. | 17:51 |
reya276 | And make sure you let that bad boy do the One-To-One NAT conns and straight | 17:51 |
reya276 | oh hey this http://www.youtube.com/watch?v=cLDLAXRetWU&feature=player_embedded is pretty cool I had no Idea you could make AWN your default Panel for GNome, I guess you could do the same with Docky | 17:54 |
=== locobot_4_2 is now known as locobot_4 | ||
Epidemic | i'm a doctor not a physicist | 20:01 |
xfGolden | Any fellow Palm Beach area Penguins? | 20:38 |
=== Epidemic_ is now known as Epidemic | ||
Epidemic | i'm in martin county | 20:41 |
Epidemic | does that count? | 20:41 |
xfGolden | Think I was just up that way a couple days ago working at the fpl plant | 20:49 |
xfGolden | It's a little north but I guess I could say it semi counts | 20:51 |
xfGolden | anyone in here active in the pbclug? | 20:53 |
Epidemic | I was just at improv last night to see Gabriel Iglesias | 20:53 |
xfGolden | Thats one funny Mexican :p | 20:54 |
Epidemic | it was an awesome show | 20:55 |
xfGolden | I bet | 20:55 |
xfGolden | Was working on a friends wifi .. last night .. ~500ft between the house and guest house .. | 20:56 |
xfGolden | setup my cantennas to prove to him that it's really not that long of a distance for the right setup | 20:56 |
xfGolden | then we proceeded to mount and aim a pair of unused satellite dishes at each other .. that was impressive .. overkill a little but cool to do | 20:58 |
xfGolden | bbl | 21:33 |
cjohnston | itnet7: ping | 21:41 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!