From: "Eve Atley" <eatley@wowcorp.com>
To: 'Ray Olszewski' <ray@comarre.com>, linux-newbie@vger.kernel.org
Subject: RE: Delete /home/shared Samba directory; need better SSH solution!
Date: Thu, 10 Feb 2005 15:38:39 -0500 [thread overview]
Message-ID: <008f01c50fb0$825c6080$260aa8c0@lanadmin> (raw)
In-Reply-To: <5.1.0.14.1.20050209092740.02f55340@celine>
Thanks. Your advice makes sense, but allow me to give a bit more detail of
the current setup.
1. Those users for whom I do have an account set up (example: gagan) have
their own username/password.
2. FTP and Telnet has been disabled, so SSH is the only way they can access
our US server currently.
3. Those users, ie. gagan, that have a username/password, are currently
placed into the groups for which they have access (ie. marketing) and that
particular directory is owned by root with file group set to itself (ie.
marketing).
4. Each directory is set to 770, with owner/group having r/w/x bit set.
Now, you wrote:
3. For the files and directories you want these folks to have write
access
to, make them mode 664 or 774 as appropriate, chgrp them to india,
and let
them rely on group- rather than user-level access. Set these users'
umasks
so files they upload have appropriate permissions.
1. Based on this setup, would I still chgrp the directories to India?
2. I am not sure how to set umasks, but once I figure that out, I would then
set it directly on the user?
The question seems to have mutated; I appreciate your explanation of SSH as
a method by which to transmit securely over an insecure medium rather than
offering any true security of the machine itself. In rethinking this
strategy, I think assigning each user his/her own secure password needs to
be the norm, and when users ssh into the system they will just have to
navigate to the shared directory on their own. Any other suggestions are
appreciated.
Thanks,
Eve
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs
next prev parent reply other threads:[~2005-02-10 20:38 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-01-29 14:03 USB Flash/Jump Drives-Linux?? Hal MacArgle
2005-01-29 16:08 ` Ray Olszewski
2005-01-29 18:40 ` Jim Nelson
2005-01-29 19:24 ` Hal MacArgle
2005-01-30 3:02 ` Joshua Rogers
2005-01-30 3:48 ` chuck gelm
2005-01-30 15:19 ` Abstract Control Module/Communications Device Class chuck gelm
2005-02-03 21:35 ` USB Flash/Jump Drives-Linux?? Hal MacArgle
2005-02-09 15:53 ` Delete /home/shared Samba directory; need better SSH solution! Eve Atley
2005-02-09 18:04 ` Ray Olszewski
2005-02-10 20:38 ` Eve Atley [this message]
2005-02-10 21:44 ` Ray Olszewski
2005-02-12 1:00 ` Linux Redhat Enterprise 3.0 = no support for firewire HD? Eve Atley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='008f01c50fb0$825c6080$260aa8c0@lanadmin' \
--to=eatley@wowcorp.com \
--cc=linux-newbie@vger.kernel.org \
--cc=ray@comarre.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox