Article delegate-en/4949 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: SFTP proxy question
26 Dec 2010 19:02:42 GMT (Yutaka Sato)
The DeleGate Project

In message <_A4946@delegate-en.ML_> on 12/22/10(09:34:44)
you Alexander Box <> wrote:
 |Please excuse my simplistic terminology:
 |I have a client, C, that needs to access a remote sftp server, R. I am
 |trying to setup delegate on a local server, L, so that C can ftp
 |(not sftp) to L, supply a username and password that is valid on R,
 |and appear to be connected to R. If C provides a username and password
 |to L that is not valid on R, I want delegate to refuse the ftp
 |connection attempt from C.
 |Here is the invocation of delegate (9.9.8-pre18) that I am using to
 |accomplish the above:
 |/usr/local/bin/delegated -P21 SERVER=ftp OWNER=delegate/delegate
 | MOUNT="/* sftp://R/*" PERMIT="ftp:R:C"
 |This invocation meets my requirements, except in the case that R is
 |inaccessible from L. In this case, C can still ftp to L (what is more,
 |using a completely invalid username and password), and appear to be
 |able to run NLST, STOR etc. successfully.

Sorry but I can't understand what "R is inaccessible from L" means
while you are specifying the server "R" to be accessed from your
DeleGate on "L".

 |How can I force L to reject connection attempts from C if R is unavailable
 |from L?
 |I have tried:
 |/usr/local/bin/delegated -P21 SERVER=ftp OWNER=delegate/delegate
 | MOUNT="/* sftp://R/* servon=init" PERMIT="ftp:R:C"
 |However delegate returns:
 |553 Permission denied by DeleGate.
 |I have also tried "servon=user" and "servon=pass" to no effect.

The "servon" option is not applicable to sftp/FTP gateway.

  9 9   Yutaka Sato (CSDP,ITIL-F,OCUP-A,Security+)
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]