SFTP – Connections and File Permissions – Part 3

In the last couple of posts SFTP - Connections and File Permissions - Part 1 and SFTP – Connections and File Permissions – Part 2 we configured sftp and looked at the effect of umask when transferring files using sftp. In this post we will configure restricting users to their home directories using chroot.. Before we configure … Continue reading SFTP – Connections and File Permissions – Part 3

SFTP – Connections and File Permissions – Part 2

So in our last post SFTP – Connections and File Permissions – Part 1 we discussed SFTP connections, file permissions and the effect of "umask". One thing we should make a note that SFTP server binary is "/usr/libexec/openssh/sftp-server" which we can see in sshd config file. I've also updated "test2" user umask to 0077 and deleted … Continue reading SFTP – Connections and File Permissions – Part 2

SFTP – Connections and File Permissions – Part 1

We did SSH setup as mentioned in SSH setup – Key based authentication In this article lets talk about "umask" and file permissions while doing SFTP. When a "user" is created - default "umask" is 0002(---w) - meaning no write permission for others. When the "user" creates a file : the default file permission subtract … Continue reading SFTP – Connections and File Permissions – Part 1

Packages and Services

FTP yum install vsftpd firewallcmd --permanent --add-service=ftp systemctl enable vsftpd systemctl start vsftpd NTP yum install ntp systemctl enable ntpd systemctl start ntpd OpenLDAP yum install openldap openldap-clients nss-pam-ldapd authconfig authconfig --enableldap --enableldapauth --ldapserver=ldap://ldap.server.com --ldapbasedn="dc=example,dc=com" --update NFS yum install nfs-utils SAMBA yum install cifs-utils samba-client AutoFS yum install autofs

/proc file system

/proc files system contains information regarding the current processes and system information running on it. You can see the process ID's running at present on the system. #cat /proc/cpuinfo#cat /proc/meminfo You can see list of processes with the PID's present in it: Table 1-1: Process specific entries in /proc .............................................................................. File Content clear_refs Clears page referenced … Continue reading /proc file system

Kerberos Setup

Repo: http://mirror.centos.org/centos/7/os/x86_64/ Install Kerberos Packages: #yum install krb5-server pam_krb5 krb5-workstation 2. Open /etc/krb5.conf - uncomment "realms", "domain_realms" sections and edit with your own server and domains. 3. Open /var/Kerberos/krb5kdc/kadm5.acl - update domain. 4. Create Kerberos database #kdb5_util create -r -s "domain" #systemctl krb5kdc kadmin #firewall-cmd --add-service=Kerberos --permanent #firewall-cmd --add-port=749/tcp --permanent #firewall-cmd --reload #authconfig --enablekrb5 --update … Continue reading Kerberos Setup