MyWebSFTP v1.0
A simple, full-featured, SSL-secured, easy-to-use FTP server and web interface written in PHP and backed by MySQL and ProFTPD.
Description
MyWebSFTP 1.0 by Anoop Bhat
UPDATE: 07.25.2006
Hi Again. I have finished the initial script that changes all the passwords for the following accounts
System: admin
System: root
MySQL: root
MySQL: proftpd
It also tells you what to do after you have run this script and reports any errors.
It's very, very basic, but it works. I've tested it on the system, but I cannot guarantee that it will work on every appliance downloaded from VMware, as some users have reported errors with the downloads.
The script is available on my personal website.
http://www.anoop.net/upload/SetupMyWebSFTP.sh
Copy the script to /root.
chmod 755 the script and run it with './SetupMyWebSFTP.sh'.
Please report any errors to mywebsftp@gmail.com
Thanks
Anoop
UPDATE: 07.24.2006
Hi again. Yet another update. Remember that if you are placing this server on a NATed network (10.0.0.0/8, 192.168.98.0/24...), then the configuration should reflect the DNS name of the server's private IP or the private IP itself.
Anoop
UPDATE: 07.20.2006
Just a quick note. If you see an error like this:
Warning: ftp_login() expects parameter 1 to be resource, boolean given in /var/www/websites/FTPSERVER/docs/webxfer/functions.php on line 302
check /etc/mywebsftp/sqlconnectinfo.conf.
You need to provide a password for proftpd to access the MySQL database.
Unfortunately, I cannot share the default password for it for security reasons. I have to protect existing users if they used the default.
Use mysqladmin to change the password for the "proftpd" user account in MySQL.
Type that value into /etc/mywebsftp/sqlconnectinfo.conf and you should be all set.
NOTE: WHEN YOU CREATE A DIRECTORY IN THE APPLIANCE, IT DOES NOT GET CREATED AT THE OS LEVEL. THAT IS ONLY DONE WHEN THE USER LOGS IN FOR THE FIRST TIME.
I hope this clears up some confusion.
At the moment, I am extremely busy with other tasks but I will try to allocate some time to write an installation script. I haven't thought it all the way through but I don't see an issue with it.
Thanks
Anoop
UPDATE: 07.17.2006
Well, I found some more errors in this installation document. I'll try to be better at this.
In the meantime, I ask for your patience while I get these new instructions with screenshots and all.
Thank you to all who tried out MyWebSFTP v 1.0.
Anoop
UPDATE: 06.29.2006
Hello there in VirtuaLand.
This update is the result of recent events both good and bad. In order to provide better support and a working Appliance to anyone downloading this appliance, I am providing this extra bit of documentation, which I will eventually include in the installation manual. Judges should read this section too because it can make or break this appliance.
So anyway, the good events. At least two companies are considering putting MyWebSFTP into a production environment and one has already done so (as far as I know). Others have contacted me for help, and the biggest issue has always been during installation. There is some confusion between the system accounts and appliance accounts, and this blurb is meant to clear that up. That's the bad news: the docs weren't written well enough. I thought they were, but obviously they are not.
To clear some things up:
- SYSTEM ACCOUNTS (admin & root) ARE NOT RELATED IN ANY WAY TO THE WEB APPLICATION.
Now, onto the setup from the beginning. Follow these instructions and you should have no problems.
- Power up the Virtual Appliance.
- At the console, login with username 'admin' and password 'enterprise'.
- Change the 'admin' account password by typing 'passwd' after you have logged in. You will need to provide a new password for the 'admin' account. Please don't continue to use 'enterprise' as the password.
- Become root and change root's password.
$ sudo su -
Password: <your_newly_chosen_password>
#
- Now you are root. Change root's password by typing 'passwd' at the # prompt.
- When you became root, you probably saw a message about changing the root account password as well as the MySQL root password. Let's do that now.
- As root, type this:
# mysqladmin -u root --password=`cat ~/root-mysql` password '<new_password_for_mysql_root_account>'
# mysql -u root -p
Enter password: <new_password_for_mysql_root_account>
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 11 to server version: 3.23.58-log
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> exit
# rm ~/root-mysql
- Now, the root password has been set and the root MySQL account password has been changed.
- While you're logged in, change some other settings if you like. Change the hostname of the server. Look in /etc/hosts and /etc/sysconfig/network. If you want to change the IP address and related settings, go to /etc/sysconfig/network-scripts/ifcfg-eth0 and change the values in that file. You will need to restart your network for that to take effect. 'service network restart' as root will do it.
- Make sure your appliance has an IP address and is pinging etc.
- Open a browser and pull up the IP of the appliance.
- You will be asked to configure MyWebSFTP for the first time. It's just a few options, so go ahead and do so.
- If you get a login screen after the initial configuration, log in with username 'adminsu' and password 'enterprise'. Remember to have the 'Admins / DirectFTP' radio box selected.
- Once you log in, change the 'adminsu' account password. It can be found under the Account menu.
- After you change the 'adminsu' account password, go to Admins -> All Administrators and inspect to make sure that everything looks normal. If you're paranoid, delete every account except 'adminsu'. Do the same for All Users under View -> All Users.
- Now you're done and secure. Go through the Configure menu and make sure everything is as you need it.
- Please read all the manuals in the Help section. I cannot stress this enough. As an admin, you should read every manual and be familiar with the entire environment.
If you find any bugs or have any questions whatsoever, please do not hesitate to email me at mywebsftp@gmail.com. The least I can do is to help anyone with this appliance. With all the effort and time devoted to this appliance, it's only in my best interests to disperse it and make it better. As I am the only person currently developing, designing and distributing this appliance, it may take some time for me to reply to you, but be assured that I constantly watch for emails and ways to address any issues. Also, I have made updates to the appliance for better handling of the file system objects (files/folders). A new command line feature on the interface is also there for all those keyboard lovers. Now you can click your files/folders or give FTP commands that will be executed on the web.
Screen Shot: http://www.anoop.net/upload/commandline.jpg
If you're interested in trying an updated version, please contact me.
Thank you again for trying MyWebSFTP!
Anoop Bhat
Earlier I wrote:
The MyWebSFTP Appliance!
MyWebSFTP is a secure, easily manageable and scalable FTP (File Transfer Protocol) Appliance.
It makes use of mod_tls (for secure FTP) and mod_sql:mod_sql_mysql (MySQL for user management).
MyWebSFTP's ease of use for both the Client and Administrator make it a simple and easy solution for many a company's file management and transfer needs.
Built on an enterprise platform or a free Linux distribution (in development and testing currently), this Appliance is a full-featured and fast way to deploy a File Transfer system in any environment.
MyWebSFTP allows users to transfer files from their desktops to any MyWebSFTP appliance via three methods:
- A PHP driven secure web based client for managing files
- A graphical or command line FTP client
- A graphical or command line Secure FTP client
Here's what you're probably thinking right about now.
"Well? So what? I can transfer files to someone over email."
Yes, that's true. You can transfer files over email, but can you transfer large files over email? Say 50 megabytes? Or 100? Or even 500? Probably not. Most email systems are configured to limit the sizes of attachments you can send in order to avoid taxing the email systems and consuming lots and lots of storage.
It's for that exact reason many companies create file servers such as FTP servers.
"So what's the problem with that?"
Nothing, nothing at all. Except the fact that most file servers aren't always set up with design in mind. Usually the user base starts off small and so the choice is made to use system accounts instead of application accounts. System accounts are users that are created within the operating system for authentication and account information.
Then the user base grows and grows and becomes so large that there are too many system accounts to manage and the entire problem gets out of hand. And after that? It's pretty much back to square one to re-plan the system layout and upgrade to a new system which is scalable and easily manageable.
"That's great! It's scalable. But why does it have to be secure?"
Two words. "MITIGATING RISKS". In this modern new world, there are laws in place that require most organizations ... methods for doing things. If we're sharing financial information with someone, it has to be encrypted or at least transferred securely. Auditors patrol the floor in search of potential risks that can be avoided.
With MyWebSFTP, you can claim security, scalability and manageability as well as put auditors' needs at ease ...creating less work for you in the long run.
How does that sound to you?
"Cool! That sounds great but I don't want to sit and manage such a huge user base on my own. What can you do about that?"
You're not alone there. No one person or department wants to be held responsible for managing every account. Most requests that come in are for resetting forgotten or lost passwords and frankly you've probably got better things to do right?
MyWebSFTP has a great way to save you tons of work so you can focus on bigger and better things. It has two levels of administrators: FTP Administrators and FTP Super Users. FTP Administrators are admin accounts with privileges to create and manage their own set of accounts. FTP Super Users are admin accounts with the ability to see every account on the system.
MyWebSFTP does everything above for you from day one. Here are some of the good things about it.
- No need for system accounts on a per user basis (auditors like this)
- Transfers occur over SSL (1024 bit) encryption so that no one can listen to what you're transmitting. (auditors like this too)
- Transfer large files that usually cannot be transferred via email. Currently files as large as 500 megabytes can be uploaded over the web and much larger files via a graphical or command line FTP client. (You will like this)
- Gives users the ability to share files with other users who need not have an FTP account or the FTP account information of the user who is sharing the file.
- Breaks the one to one account to directory relationship with a many to one account to directory relationship. Many users to one directory or one user per directory.
- Comes with documents/howtos/faqs for both users and admins.
- And there is more too.
1. What does the appliance do, and what are its uses and benefits to the intended audience in the VMware community. The judging panel is interested to know what is unique about this appliance, why users will want to download and run it, and how they will use it.
The MyWebSFTP Appliance serves as an FTP server with support for SSL and easy user account management. The biggest and most unique benefit to any user is the PHP driven front end that is aptly named MyWebSFTP. MyWebSFTP allows users to upload/manage files over the web via a user-friendly interface that is compatible with most browsers, eliminating the need for graphical FTP clients.
2. How was the appliance built, summarizing the steps involved. Describe what optimizations were made, for example any changes you made to the underlying operating system to optimize it for size or functionality, or any special application configurations you made that increase the usefulness of the appliance.
- The MyWebSFTP appliance is built on an Enterprise level operating system, Red Hat Enterprise Linux ES 3.0 Update 3. The OS was installed with minimal options to conserve space and increase performance. Although kernel optimization could have been done to remove support for unneeded devices, that was not done in order to allow for users to be able to upgrade the kernels via the 'up2date' program.
- After the OS was installed, many unneeded RPMs were erased. The number of packages installed totals 200, creating a rather small OS that is still quite usable. Future versions of MyWebSFTP may be smaller to minimize the download size for end users.
- ProFTPD and MySQL are at the heart of the system. ProFTPD was compiled with support for mod_sql and mod_tls, allowing for SSL encrypted file transfers as well as user authentication through MySQL. The source code for ProFTPD and the MySQL RPMs are available online.
- MySQL customization includes securing it by deleting unneeded users and databases (installed by default) and binding it only to the localhost (127.0.0.1) interface, making it impossible for remote connections to be made directly to the database. This not only helps performance between MySQL and ProFTPD but also blocks remote attacks on the database itself, adding an extra layer of protection for the masses.
- ProFTPD customizations include turning off things such as Ident Lookups and Host Lookups for faster response times from the server.
- For the appliance, ProFTPD and MyWebSFTP use separate DB accounts for access. This is because the PHP driven web application needs more privileges in order to operate.
- The MyWebSFTP interface is a custom written application for this appliance. It was developed solely by Anoop Bhat. It provides two interfaces, one for the users to manage files and one for admins to manage users.
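A check for the end state that the setup steps and the MySQL notes above aim for, as an added example that is not part of the appliance or its setup script: the temporary root-mysql file is gone, the credential file in /etc/mywebsftp is not world-readable, and MySQL listens only on loopback. The function names, the /etc/my.cnf location, the bind-address line and the permission check are assumptions; the other paths are from this page.

```shell
#!/bin/sh
# Added example: audit of the hardening steps this page describes.
# /root/root-mysql and /etc/mywebsftp/sqlconnectinfo.conf are named on the page;
# /etc/my.cnf with a bind-address line is an assumption about how the bind is set.
# Each check takes a filesystem prefix ("" = the live system) so it can be dry-run.

# Passes when the file holding the initial MySQL root password has been deleted.
check_temp_password_removed() {
    [ ! -e "$1/root/root-mysql" ]
}

# Passes when the proftpd DB credential file is non-empty and not world-readable.
check_sqlconnectinfo() {
    f="$1/etc/mywebsftp/sqlconnectinfo.conf"
    [ -s "$f" ] || return 1
    [ -z "$(find "$f" -perm -004)" ]
}

# Passes when the [mysqld] section of my.cnf binds MySQL to 127.0.0.1 only.
check_mysql_bind() {
    awk '
        /^\[/ { in_mysqld = ($0 ~ /^\[mysqld\]/) }
        in_mysqld && /^[ \t]*bind-address[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); addr = $0
        }
        END { exit (addr == "127.0.0.1" ? 0 : 1) }
    ' "$1/etc/my.cnf" 2>/dev/null
}

# Reads `netstat -ltn` output on stdin and prints every MySQL (3306) listener
# whose local address is not loopback. No output means nothing is exposed.
exposed_mysql_listeners() {
    awk '$1 ~ /^tcp/ && $NF == "LISTEN" && $4 ~ /:3306$/ &&
         $4 !~ /^127\./ && $4 !~ /^::1:/ { print $4 }'
}

# Runs the file checks, prints one line per failure, returns the failure count.
audit() {
    failures=0
    check_temp_password_removed "$1" ||
        { echo "FAIL: $1/root/root-mysql still exists"; failures=$((failures + 1)); }
    check_sqlconnectinfo "$1" ||
        { echo "FAIL: sqlconnectinfo.conf missing, empty or world-readable"; failures=$((failures + 1)); }
    check_mysql_bind "$1" ||
        { echo "FAIL: my.cnf does not bind mysqld to 127.0.0.1"; failures=$((failures + 1)); }
    return "$failures"
}
```

On the appliance, run `audit ""` as root and pipe `netstat -ltn` into `exposed_mysql_listeners`; any other prefix points the file checks at a copy of the filesystem.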
3. Detailed instructions to start using the Appliance and the location of any other documentation.
- Create a Linux VM with 264 MB of RAM and assign one processor to it. 8 MB belong to the video card so that Red Hat is happy with 256 MB.
- The Appliance comes with an 18 GB drive for user data. If you require more or less space, delete the 18 GB drive and create a new one of the right size. You don't need to do anything to mount the disk as long as you assign the device node as SCSI 0:1. If you do use a different device, then you must fdisk the device and create a partition table, then use mkfs.ext3 to create the file system. Lastly, remember to add it to /etc/fstab.
- Once you have created the disk that is appropriate, turn the VM on.
- Log in with 'admin' and password 'enterprise'. You will notice a message that says you have sudo access. Type 'sudo su -' and provide your password ('enterprise' if you haven't changed it already). Now you are root!
- Immediately change root's password as well as the admin account password.
- Now, assign the IP you wish in /etc/sysconfig/network-scripts/ifcfg-eth0. Below is a sample file. Please substitute your values. If you are unsure of this info, please ask your network admin.
DEVICE=eth0
IPADDR=192.168.98.100
NETMASK=255.255.255.0
NETWORK=192.168.98.0
GATEWAY=192.168.98.1
ONBOOT=yes
You will most likely specify this information when you create the VM (or rather, install it), but it's always good to have it.
- Remember to also change the values in the following files
- /etc/sysconfig/network
- /etc/resolv.conf
- Now, let's do some work on the sendmail configs so that you get mail from the system. It's an important part for users and admins. In Red Hat Enterprise Linux, sendmail prefers to be configured via /etc/mail/sendmail.mc (not sendmail.cf). Think of sendmail.mc as the Makefile for sendmail. In this file, there is probably only one line that you need to edit. It is the SMART_HOST line. Open /etc/mail/sendmail.mc and find the line that says
dnl define(`SMART_HOST',`smtp.your.provider')
and replace 'smtp.your.provider' with the mail server that will accept mail for delivery from this appliance. The line should look like this when you're done.
define(`SMART_HOST',`mailgateway.yourdomainname.com')
As root, execute 'service sendmail restart' and you should be in business. To test, execute
# echo "Testing from MyWebSFTP!" | mail <your email address>
Check /var/log/maillog for some clues on the status of the command above. Also, check your mail to make sure you received the test.
- This concludes any work you may need to do on the system to begin. Let's move on to the web interface.
- Point your browser to your server.
- On a first install, the web interface is not active. It requires a configuration file. Click the link that takes you to 'install.php'.
- Supply the four fields that you see. Display Name, Admin Email Address(es), Server Name, Logo Image.
- Don't worry if you are unsure of what these values are. These four fields are changeable later on.
- Save the config and click the "LOGIN" link at the top of the page.
- Log in with 'admin' and 'enterprise' again. Immediately change the password.
- Now read the manuals found in the Help menu of the site.
These manuals will tell you more about MyWebSFTP and how to begin using your new FTP Server.
- LASTLY, if these notes are somewhat incorrect or are missing information, please log in to the system and look in root's home directory for more docs on setting up MyWebSFTP. Read those and then move on to the manual.
- JUDGES for UVAC, please read the documents in root's home directory. Thank you.
4. The names of any licensed operating systems, applications, or other components in your appliance, and the licenses (names or URLs) under which you are using them.
Red Hat Enterprise Linux ES 3.0 Update 3 (unlicensed but ready to be added to Red Hat Network) | http://www.redhat.com
ProFTPD 1.3.0rc5 (GPL) | http://proftpd.org & http://gnu.org
MySQL 3.23.58 (GPL) | http://mysql.com & http://gnu.org
Anoop Bhat does not license MySQL or Red Hat Enterprise Linux ES 3.0 for any commercial purposes related to MyWebSFTP.
That is up to the user/organization who downloads this Virtual Appliance.
For more information, please refer to the websites listed above.
Last updated: 07/25/2006
Operating system:
Red Hat Enterprise Linux ES 3.0 Update 3
Applications installed:
ProFTPD with mod_sql_mysql, mod_tls
Apache 2.0
PHP 4.3.2
MySQL 3.23.58
VMware Tools installed:
Yes
Size:
1200 MB
Torrent available:
Yes
Primary account
Username: admin
Password: enterprise
Submitted by: anoop