Ftp Folder


#1

Hello, i want to have a directory like http://mysite.com/data/

And i want several users (or just 1 will do too) to access to have access to that “data” folder via Ftp using separate Ftp login names

How can i set this up


#2

That’s probably the #1 question around here. First, they’ll have to use SFTP. Then look at the following to set up permissions:
http://wiki.dreamhost.com/Unix_Groups

Or go with the rlparker method of using Uber Uploader. I’ve never used it, but he swears by it (or at least owns stock in it :smiley: ).

-Scott


#3

Plz tell me, more about this Unix usergroup thingy, i read the wiki didnt get a thing [sad]

Lolz, Uber Uploader is a free soft his stock/shares are priceless :wink:
I knew about Uber Uploader for some time, but i dont wanna use it in my site, it has some known vulnerabilities and also with Ftp they can resume uploads

One tiny bit outside question, is it safe to give friends sftp access, to what extent can they abuse their power,
i just want to jail them inside a directory :wink: is that possible, also that directory should appear in the web


#4

You’d have to create a unique group for this directory. The “owner” needs to be in that group, and so do the other users.

One alternative to SFTP that I haven’t tried is to create a symbolic from each user’s home directory to that data directory. Hopefully someone who’s tried this can add to this discussion. Otherwise, you can’t jail them because they need to work their way over to the data directory via SFTP.

SFTP is Secure FTP that uses the SSH mechanism. With SSH, the user can get out of their home directory and into other authorized directories, such as your data directory.

-Scott


#5

[quote]And i want several users (or just 1 will do too) to access to have access to that “data” folder via Ftp using separate Ftp login names

How can i set this up[/quote]
If “just 1 will do”, and if you don’t care about that other user owning the files, you can do what you want using the “remap a subdir” method (note the limitations of doing that in the linked article).

You might also want to take a look through the DH wiki article on Users, and the section sharing websites with other FTP users is discussed.

Then there is WebDav …

Uber-Uber is just one tool, and I generally only it recommend as a general purpose uploader if someone needs very large uploads from many users and is bent on doing this using DreamHost’s default PHP installation (which seems to be quite often).

There are a great many other “filemanager” type tools that are more versatile and provide many of the capabilities of FTP (net2ftp - which DreamHost uses, ffileman, etc.), and those are what I generally use if I want to do this. I just like my user owning all the files in my account, though I understand that YMMV. :wink:

–rlparker


#6

[quote]One tiny bit outside question, is it safe to give friends sftp access, to what extent can they abuse their power,
i just want to jail them inside a directory is that possible, also that directory should appear in the web[/quote]
Well, it is might be “safer” to some limited degree to “jail” them to a given directory, but you need to consider that whatever they upload/do, you will be held responsible for their actions. There is always a degree of risk in doing this no matter how you set it up. :wink:

This may not be of much concern to you if you know the other user very well, and trust not only that they would not break the rules in the TOS but that they are knowledgeable enough not to do accidental damage.

I would not allow someone I did not know very well, and trust completely, to do this. This is another reason I prefer scripts to facilitate this rather than turning them loose with SFTP. With scripts managing the access, I have a better chance of catching some problematic things they might want to upload (scripts, illegal warez, etc), and I can more closely control what they are able to do.

–rlparker


#7

[quote]If “just 1 will do”, and if you don’t care about that other user owning the files, you can do what you want using the “remap a subdir” method (note the limitations of doing that in the linked article).

You might also want to take a look through the DH wiki article on Users, and the section sharing websites with other FTP users is discussed.[/quote]

Hello, can you simplify how can I “remap a subdir” so the FTP users can only access a simple directory.

I read the wiki, didn’t understood fully…
The limitations are ok for me, can’t run CGI and PHP, no probs


#8

It would help if you explain more clearly what you need.

Is this just so a group has view/download access to a folder which has no bearing on the overall functionality of your site, or are you wanting to give a group access to (for example) a themes directory that is tied into your site and they all need to be able to edit the files within that directory?

Maximum Cash Discount on any plan with MAXCASH


#9

Arguugh … there you go with that "the FTP userS again. Note that I said “If “just 1 will do” … you can do what you want using the “remap a subdir” method”. This will not help you if you want more than a single FTP user to do this.

While I’m not sure I can make it anymore clear than the wiki articles I linked you to before, I can try:

  1. Create the new FTP user that you want to be able to access a given directory in your website. - for an example, let’s call that new FTP user “user2”

  2. Create a directory in your website that you want that user to be able to access via FTP - for an example, let’s name that new directory “user2stuff” (which would be reached on the web as “http://www.yourdomain.tld/user2stuff/”)

NOTE: It doesn’t really matter if you do step 1 or step 2 first here, and you don’t have to do them at all if you already have created the FTP user you want to be able to access a directory in your site and you already have that directory recreated, but you do need both of these things in place before proceeding to step three!

  1. Then go to the Panel -> Re-map Sub-dir screen, and complete the provided forms.

  2. In the first screen, fill in the “Fully-hosted URL to remap:” to describe the url you want to be now accessible to the new, or other, FTP user, and hit “Continue” - using our examples created in steps 1 and 2 above, you would use the pulldown selection list to select your domain, and put “user2stuff” in the “box” beneath the selection list.

  3. In the second screen, you will see that your choice from the first screen for the url to re-mapped listed (if it is not what you want, go back to the first screen and correct it now!), another pulldown selection list from which you can choose the other user (in this case, you will choose “/home/user2/”, and a suggested directory structure to use for your remapped sub-dir in the selected FTP user’s directory. -

Using our examples you would see “http://www.yourdomain.tld/user2stuff/” for the “Url to re-map”, you would select “yourdomain.tld/user2stuff” from the pulldown selection list, and as the “suggested” directory to use in the other FTP user’s directory you should see "yoursite.tld/user2stuff. You can leave this last part “as is” (which I recommend so that it is easy to keep straight what website will server that dir), or change it if to whatever you want.

Okay - that’s the “really long version” of how to “Re-map a Sub-dir” with, I think, every base covered. (I like the wiki version better!) :wink:

Just don’t forget that:

  1. This allows exactly 1 other FTP user to manage the contents of that dir

  2. If you want to manage the dir, you will either have to set up appropriate user permissions to allow that (which is complicated and, IMHO, a potential security risk - particularly if yuo are not confortable with unix permission, groups, the shell, etc.) or just log-in as the other FTP user when you want to manage the files (which is what I highly recommend - it’s your account anyway!)

  3. You will not be able to run CGI scripts or PHP (DreamHost default to PHP-CGI) from this directory because of permission issues related to DreamHost’s suExec security enhancement.

–rlparker


#10

Thanks, I just had problem with this part, it wasn’t on wiki :slight_smile: