[OpenAFS] AFS FTP Permissions
John Bleichert
John Bleichert <syborg@stny.rr.com>
Mon, 18 Mar 2002 15:52:47 -0500 (EST)
I use the linux port of the openbsd ftp server. It authenticates with AFS
via a PAM module. All you need to do is create a proper 'ftp' file in
/etc/pam.d/
so that ftp can authenticate. Something like:
[syborg@janeway syborg]$ cat /etc/pam.d/ftp
#%PAM-1.0
auth required /lib/security/pam_listfile.so item=user sense=deny
file=/etc/ftpusers onerr=succeed
auth sufficient /lib/security/pam_afs.so try_first_pass
ignore_root
auth required /lib/security/pam_pwdb.so shadow nullok
auth required /lib/security/pam_shells.so
account required /lib/security/pam_pwdb.so
session required /lib/security/pam_pwdb.so
This method also works fine for ssh1 access ;-)
> Date: Mon, 18 Mar 2002 13:13:36 -0500 (EST)
> From: Derrick J Brashear <shadow@dementia.org>
> To: openafs <openafs-info@openafs.org>
> Subject: Re: [OpenAFS] AFS FTP Permissions
>
> On Mon, 18 Mar 2002, Michael Aldrich wrote:
>
> > I can connect to the server via FTP, and also send/receive files from/to my
> > local computer. I get a 'Permission Denied' error when I try to put a new
> > file in any directory under /afs.
>
> you don't have tokens, so you can't write into afs. if you use the ftpd
> with afs, it has serious problems, but it will get tokens. still, i
> recommend you instead use the ftpd that comes with kth-krb, or with
> heimdal; they get tokens but are modern and if used with a useful client
> will do useful authentication
>
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>
--
|-John Bleichert----syborg@stny.rr.com----------------|
|-------------------http://vonbek.dhs.org/latest.jpg--|