# sftp questions and dynamic dns (solved)

## gentoo2013

Hi I have setup my media center and everything is working groovy well nearly.

I am able to connect to my media center using filezilla on windows using port 22 sftp. 

Is there away to only allow read access when using sftp ? 

I would like family and friends to be able to download from my machine but not erase anything. ? 

Question 2 

At the moment I have just fowarded a port on my router to the ip address of the machine 

obviously my ip address changes every few days so is there away of setting up a dynamic dns so that i dont have to check the ip every few days ? 

Any help would be great thanks .Last edited by gentoo2013 on Mon Aug 12, 2013 5:56 pm; edited 1 time in total

----------

## NeddySeagoon

gentoo2013,

I'll point to the licencing of the media on your media server.

Normally you need to own an original copy of the media but sharing it with friends and family like this will be illegal unless they also have original copies of the media in question.

Thats the legal side.

Now to the technical side. There are several services that keep track of your changing IP for you.  Some are even free.

One that comes to mind is http://www.noip.com/  thats not a reccomendation.  I have a /29 so my IP is static, I have no use for services like this.

----------

## 666threesixes666

point family and friends @ ftp, & setup anon access from https://wiki.gentoo.org/wiki/Vsftpd

keep your sftp to edit & so on as is....  they use doze, not ssh, IE not firefox.  vsftpd will suit their fancy good and proper.

i had a cron job i think it was even hourly for http://www.changeip.com/default.asp

i know it was supplied by changeip, something like this http://www.changeip.com/clients/rinker.sh.txt

though i doubt that is the actual script i was using.

----------

## NeddySeagoon

666threesixes666,

The world and his wife will find an anon ftp server and word will spread about media content.

----------

## 666threesixes666

i see what your getting at, idk virtual users, i only know system users and at that point it might as well be back to sftp.  this looks like a reasonable approach to the first problem then.

http://www.linuxquestions.org/questions/linux-server-73/read-only-sftp-by-user-4175452378/#post4905113

----------

## gentoo2013

Sorry I probally should have not have written that. 

I do fully understand the law. 

I will check theese websites out 

Why use vsftp ? i can access the server fine using filezilla on windows and i can drag and drop files from the server. 

My main issue is i do not want them to be able to erase anything or have i missed something ? 

I will play around with the dynamic dns and see if i can get it working 

Thanks

----------

## 666threesixes666

you become "gentoo2013.changeip.org" and you have a cron script check your servers ip address, if it changes, it updates changeip.org so gentoo2013.changeip.org is old ip, then when it changes gentoo2013.changeip.org is new ip...  external to your machine its ALWAYS gentoo2013.changeip.org.

anon ftp access is already locked down so its outside only pull.

SFTP you need to chmod.

set the owner as you, create guest logins....  chmod 700 = read write execute you, everyone else go away.  you want read execute for others. sooooo  chmod 755 for directories, and chmod 644 for media files.

towards the bottom of the page is where i found my cron script.

http://www.changeip.com/clients.asp

& i was saying ftp, because you can use browser dialog, wget, etc and not be pinned down to winscp/filezilla/sshfs/sftp.Last edited by 666threesixes666 on Sun Aug 11, 2013 6:48 pm; edited 1 time in total

----------

## Jaglover

gentoo2013,

not sure what OS your media center is running, but if it can run webfsd then you can grant read-only access over http, webfs supports authentication, too.

----------

## gentoo2013

Thanks for all your replys.

Im going to play around a bit. 

im going to get the ip thingy working first. 

Im running gentoo of course. 

i was basically going to create a new user media and make his home directory the same as were all the media is stored. 

So im guessing playing around with chmod and chown will sort this as listed above

Thanks guys  :Smile:  i love gentoo forums

----------

## NeddySeagoon

gentoo2013,

If media is a real partition, you can mount it read only.

You could also set up mediatomb for serving your media.  It can use UPNP, which is good for windows users but do not use UPNP over the big bad internet, unless you tunnel it.

----------

## gentoo2013

I pretty much have it working 

the one problem is through sftp on filezilla is u can get to the root directory is there away to stop this ? 

I could setup a vsftp server but i thought the less stuff I installed the better.  

If i have to I will do this. 

The whole point is for me to use it over the inernet. 

I have xbmc and samba running on the machine for my home network which serves files to all my family that use wincows machines in the house 

Permissions now working perfectly 

Thanks for your help

----------

## NeddySeagoon

gentoo2013,

You can use a chroot - just like when you installed Gentoo

----------

## gentoo2013

A chroot for the user? 

How would i go about doing this ? 

Thank you so much  :Smile: 

----------

## NeddySeagoon

gentoo2013,

Achroot for the program and the data it provides.  Google chroot jail.

----------

## gentoo2013

Everything seems to be working just playing around with the chroot jail :0

----------

