Visit Open-E website
Results 1 to 8 of 8

Thread: How to make FTP access read-only?

Thread has average rating 5.00 / 5.00 based on 1 votes.
Thread has been visited 30003 times.
  1. #1

    Post How to make FTP access read-only?

    Hi, I created a share and access this share now with an FTP client using SFTP mode.

    How can I make files/folders read-only for this ftp user?

    What I tried so far:
    • Within Windows I changed file security to read-only; for this ftp user or even for all users , but to no effect.
    • Setting the whole share to readonly (with the webinterface) does not work
    • The ftp user is even able to delete files which are stripped of all permissions and belong to different users:
      SITE CHMOD 000 test.file
      200 SITE CHMOD command successful
      DELE test.file
      250 DELE command successful


    Could anyone provide some suggestions or an update to the software for this?


    Regards,
    MK

    running:
    Model:

    Open-E NAS-XSR ENTERPRISE
    Version: 3.08.XE00000000.2145
    Release date: 2006-08-25

  2. #2

    Default How to make FTP access read-only?

    Currently internally we offer only FTP services for every share not at the file level.


    Function for FTP Settings are below:

    You can enable FTP services for every share separately. You can choose :
    · Anonymous
    · SFTP (Secure FTP)
    Selecting Anonymous mode will enable FTP sharing with anonymous user. For all IPs the access is set to READ+WRITE by default. To change that, activate Allow access IP and Write access IP options. Clicking apply will make the share available over FTP.

    To connect to this share a FTP client software is required – i.e. Internet Explorer has the FTP support. To connect from IE, when using Anonymous mode, please use following syntax: ftp://<NAS IP>/pub/, (e.g. ftp://192.168.0.220/pub/).
    When using SFTP client, please use: ftp://<NAS IP>/share/, (e.g. ftp://192.168.0.220/share/).
    Many FTP client programs need a user name and a password to establish connection. In the Anonymous mode the user name is “anonymous” and there is no password (empty field).
    All anonymous shares are in the “share” folder. Any user connecting from the IP without a full access will see all shares but will not be able to see any directories that are prohibited.

    For Anonymous login please use e-mail address as password.

    NOTE:
    Anonymous user will see only files and directories that he owns.

    Selecting SFTP mode will enable secure FTP sharing with the user and password authorization. Only few FTP clients support SFTP, and even fewer SFTP clients support SSL/TLS encryptions.

    Here is a list of the tested software:
    · CoreFTP (Windows)
    · FileZilla (Windows)
    · IgloFTP (Windows and Linux)
    · SSLFTP (Linux console client)
    When SFTP is enabled, the user has the access to the share through the authorized user name and password.

    NOTE:
    If the NAS server uses Windows domain authorization then a short name of the domain must precede a user name – connected with a plus sign, i.e. “DOMAIN+Administrator”.

    To connect to a share via SFTP in the selected encryption, type in SFTP client NAS support SSL and TLS explicit encryption. All SFTP shares are in the “shares” folder. Users see only the allowed shares.

    NOTE:
    If you are unable to see any directories when connected to ftp server please make sure that you have rights to access any share over ftp. If still you cannot see any directories please change your ftp client to passive mode.

    NOTE:
    Most FTP clients have bookmarks allowing to set up IP, port home folder, etc. Suggested home folder for the Anonymous is “pub” and for SFTP is “shares”.

    See also: how to enter IP address

    LOCATION:
    resources -> shares -> [share_name] -> Function: FTP Settings.
    All the best,

    Todd Maxwell


    Follow the red "E"
    Facebook | Twitter | YouTube

  3. #3

    Default

    Ok, I see you posted the online help file on FTP servers.

    However, you wrote:
    > Currently internally we offer only FTP services for every share not at the file level.

    So how do I make every share (not at the file level) readonly when I access them using FTP?

  4. #4

    Default

    You set this with the Allow access IP and Write access IP options in the FTP settings of the share.
    All the best,

    Todd Maxwell


    Follow the red "E"
    Facebook | Twitter | YouTube

  5. #5

    Default

    which is only possible if you know the IP adresses.

    For remote file access this is not an option.


    Could you implement an FTP client with the requested feature?

  6. #6

    Default

    I will forward to our software developers to see if this will be a feature that will be implemented in future releases.
    All the best,

    Todd Maxwell


    Follow the red "E"
    Facebook | Twitter | YouTube

  7. #7

    Default

    Has there been any news since September?

    Regards,
    Manuel Koch

  8. #8

    Default

    Sorry to say this was not addressed for the new release of 3.11. Most of our focus has been completing the developments of our new NAS R-3 products and I am not sure if this specific function will be available as well in the first few updates. If your request is immediate for purchase orders then please contact our sale person for your area as we are having many large orders coming in for special requests.
    All the best,

    Todd Maxwell


    Follow the red "E"
    Facebook | Twitter | YouTube

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •