Unfortunately no one can be told what fun_plug is - you have to see it for yourself.
You are not logged in.
Pages: 1
I have a little experience with Linux... If fooling around with an Ubuntu VM counts.
After spending about 19 hours searching, reading, and trying (literally), I have decided to post here.
I successfully installed linux on my DNS-321! That took me somewhere near 1 hour. The next 18 hours was trying to setup a secure FTP server... I tried with ProFTP and with vsFTP using howtos here and on nas-tweaks dot net.
All I want to do is have my existing Dlink FTP user and folder access list with a secure connection using FileZilla.
For example:
User_0 (Me) has full read/write to Volume_1
User_1 has read/write access to the User_1 folder and read access to a Media folder.
User_2 has read/write access to the User_2 folder and read access to a Media folder.
All users can read/write to a shared folder.
But I just want the most secure connection possible so that the login information and passwords aren't sent openly.
If anyone can help, that would be much appreciated.
Thanks.
Last edited by mcfly982 (2010-02-06 20:30:05)
Offline
It won't be fast but if you have SSH set up (which I assume you do) then you can use WinSCP to connect to your DNS-323. Just use all your SSH detilas when connecting.
This will be secure but slower than FTP for big file transfers.
Other than that, installing an ftp server should be quite simple if you have fun_plug installed?
Offline
Thanks for your reply.
I do have Fun_Plug installed and OpenSSH running.
I was able to successfully connect with SFTP using FileZilla (easier than I thought) but every user can access the root directory regardless of what permissions I have set in the Dlink setup menu.
I have heard of chroot or "locking" a user to a directory but I have had no luck at all setting it up. The last time I tried, I could not access anything and I had to reinstall fun_plug completely.
I used:
Subsystem sftp internal-sftp Match Group sftp ChrootDirectory %h ForceCommand internal-sftp AllowTcpForwarding no usermod -G sftp joe usermod -s /bin/false joe chown root:root /home/joe chmod 0755 /home/joe
form: http://blogs.techrepublic.com.com/opensource/?p=229
Any help with chroot would be appreciated.
Last edited by mcfly982 (2010-02-11 20:00:11)
Offline
What I did on my 323 was to make new folders for each other normal file sharing user (from web GUI) and set them with limited permissions, and I remove the global statement in there that gives everyone R/W rights to everything on Volume_1. Then I make my own rule to give only me rights to see the root Volume_1 folder so that nobody else can access the fun_plug file or .bootstrap folder (since I changed them to R/W for me only in case I need to fix something and fun_plug wont load and I lose SSH ability, I can still change anything in the fun_plug init script using Samba through Windows). Then I set up SSH, and turned off telnet and FTP, etc. But don't forget to set a root passwd and use the store-passwd.sh command to copy it to flash so it wont forget it after reboot, and then just make sure all your files have been assigned proper ownership and rights. Linux is a very secure OS if you set all this stuff up right. It's not too hard, but if you're not familiar with it then go find some tutorial on the www that shows you how chown (change ownership) and chmod (change permissions) of any folder / files to suit your needs. When done, only 'root' user can have access to any core files, and each normal file sharing user can only access his/her proper folders that you had previously set. You can make groups as well so that if several people will be allowed to share some folder, then just assign all those people to a group and make the rule allow group access. A lot of that can be done in the web GUI if you are unfamiliar with setting up users and controlling their access from the command line. I use the command line though to set permissions of the root user and any other user who will be used for administration purposes and will not be using file shares during normal use.
Last edited by ojosch (2010-02-11 21:22:20)
Offline
Pages: 1