From owner-freebsd-isp Sat Nov 27 11:41:14 1999 Delivered-To: freebsd-isp@freebsd.org Received: from dns.sonntag.org (dns.sonntag.org [216.140.186.114]) by hub.freebsd.org (Postfix) with ESMTP id BBFCC14D74 for ; Sat, 27 Nov 1999 11:41:00 -0800 (PST) (envelope-from aaron@sonntag.org) Received: from aaron (cs2744-250.austin.rr.com [24.27.44.250]) by dns.sonntag.org (8.9.3/8.9.3) with SMTP id NAA13644 for ; Sat, 27 Nov 1999 13:40:49 -0600 (CST) (envelope-from aaron@sonntag.org) From: "Aaron Sonntag" To: Subject: user accounts, permissions, ftp, mail Date: Sat, 27 Nov 1999 13:58:15 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <00c501bf3903$ef33d5a0$0e00a8c0@neland.dk> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I know I am not the first person to ponder the best way to set up user accounts. I am doing virtual hosting for several domains and have a variety of usability I would like to provide to remote users. So my concerns really lie in security mixed with functionality and the ability to limit bandwidth usage. Email accounts with POP access and the ability to telnet in and change password... no more than that Ftp accounts with the ablity to ftp in to upload files to a website and ability to change password... no more than that I am sure I will run across more unique situations which will require more fooling around... The point is that I know there are nifty ways to play with password files so that users have a very limited password shell or just an ftp shell etc etc etc. Anybody have any URL's they can point me to where practices like this are reviewed? Along the same lines are questions I have about what is the difference between a 'client' and a 'guest' and a 'user'. What does it mean to put a bunch of 'guest's in a single 'group' vs each having their own group. I want to run a secure server... or rather I would like to be able to pretend that my server is safe ;-) Any recommendations on a good ftp server that would allow me to limit bandwidth usage for downloads? I am sharing a fast backbone and don't have the right to swamp it when a few cable users get download happy. IE: bandwidth per instance and total bandwidth for all instances. I have also glanced at the httpd.conf file on a Cobalt server an noticed some very very complicated VirtualHost entries that defined permissions down to a fine point... any thoughts? Please assume that I have made regular use of the following resources: Deja.com Altavista.com Freebsd.org Apache.org The FreeBSD book we all own ;-) Various orielly books on sendmail and unix and security and dns and other such things. Thank you, Aaron To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message