Article delegate-en <_A1228@delegate-en.ML_>
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[delegate-en/1228] [Reference:]
Newsgroups: mail-lists.delegate-en

Re: Authorized Usernames/passwords list on ftp proxy for single login?
04 Jul 2001 04:35:56 GMT     Fernando Cassia <pzicabdyi.ml@delegate.org>

Thanks for the quick reply, Yukata!.

The new version sounds really interesting!. BTW: the problem with using the "CWD
user:host" is that I do not want the end users to know the end system's password,
and that way it would be displayed during the login process on certain clients.

Perhaps there would be a way to make delegated connect and STAY connected to the
destination ftp server using the (secret) login/password, and then "fake" beign a
server to the end clients? (so they don't even see the login message to the final
"proxied" server?

Hrmm. Tell me what you think.

Regards

Fernando
Buenos Aires, Argentina

Yutaka Sato wrote:

>
> On 07/04/01(09:57) you Fernando Cassia  wrote
> in 
>  |Is it possible to create a "authorized logins" file and make delegate
>  |use that for ftp proxy,
>  |but using a single account on the destination ftp server?
>  |
>  |In other words, lets say I'd like to give users joe, susan, frank,
>  |access to ftp site whose only
>  |authorized login is "ftp://authorized-user:blahblah@0..". What I
>  |want to do is give those users their own login/password on the DELEGATE
>  |ftp proxy, but in the end the delegate ftp proxy should connect all 3 to
>  |the ftp server using "ftp://authorized-user:blahblah@0..".
>
> AUTHORIZER="authorizer-host"
>
> (See <URL:http://www.delegate.org/delegate/Manual.htm#AUTHORIZER>)
> This parameter requires the client to login to DeleGate first before
> connecting the target server.  "authorizer-host" is a host running a
> FTP server which accepts logins by joe, susan and frank.
>
> FTP-clients must do login twice as follows:
>
>   220 FTP-server ready
> > USER joe
>   331 [Proxy] Password required for joe.
> > PASS password-of-joe@authorizer-host
>   230-[Proxy] User joe logged in.
>   230 Now you can login a target FTP server with USER user@host
>
> > USER authorized-user@0..
>   331 Password required for authorized-user
> > PASS blahblah
>   230 User authorized-user logged in.
>
> If a client does not accept the second login, doing change-directory
> with a special format including account infomation may be used.
>
> > CWD //authorized-user:blahblah@0..
>   250 User authorized-user logged in.
>
>  |If that's not currently available, would that option be too difficult to
>  |implement?.
>
> With DeleGate/7.4.0, which is almost ready to be released, doing
> authorization based on DeleGate's local authorization files rather
> than real authorizer-hosts will become easy.
>
> Cheers,
> Yutaka
> --
>   @ @ Yutaka Sato  http://www.delegate.org/y.sato/
>  ( - ) National Institute of Advanced Industrial Science and Technology (AIST)
> _<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan

  search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V