Site Requirements - Can I do this on Linode?
I have never had my own VPS, but I need a website where I can create a lot of FTP accounts for students so they can upload assignments to their own folders.
Background
I am a Linux newb, though I use Solaris and Mac OSX command line stuff all the time for work. No heavy lifting, more just moving, downloading, installing things but I've never set up Apache or an FTP program.
I teach an Intro to Web Development program at a school that has no web space for students. Historically I have done this on a shared web host using cPanel. I go in, create an FTP account for each student, which then creates a space on the filesystem for that student. Usually something like:
This worked perfectly until the hosting company I am with suddenly changed their setup so they only allowed 5 concurrent FTP connections from 1 IP address. The problem is that I have a class of 60 students all trying to get their index.html file to work. The lab I am in routes all traffic through a single IP.
I have 3 other instructors who also teach similar classes (getting started with CSS, getting started with JS, etc), so I need to make sure that creating FTP Accounts for students is a simple process.
What I need
* An easy (preferably GUI) way to create FTP accounts that will provision a folder when the account is created. No one is going to be happy if there is a lot of work involved in creating 180 new accounts every single term.
Up to 60 simultaneous FTP connections to the server from a single IP source. This seems to be a restriction on most shared accounts, but not on VPS accounts.
I also need SSIs and PHP installed for some minor projects we do in week 9 and 10.
The big question
Is this something I can set up on Linode? Is this hard? Will it require a lot of upkeep? I'm not very experienced but I learn pretty quickly.
A note about FTP over other technologies
I use FTP with students, despite the fact that it's a security nightmare, because it is easy to understand and believe me, for the students I am getting it needs to stay easy. They all use Filezilla, so I guess I could do SFTP, but can you set up accounts in the same manner?
9 Replies
Then whip up a quick php script to batch add people to the database from something like a csv file.
While I don't know if there is any GUI, the process and information to create for a new user is pretty simple, and could easily be scripted or a quick 'n dirty web page put up.
Once set up, to create users, you just need to:
3. Add a line to the virtual user password file
Create some local directory for that account to use
Add a config file for the user to set vsftpd to lock the user to that directory (can be avoided if the directory will match the user name) I did the following on my system to set up the above scenario. First, the basic vsftpd.conf looked like:
ftpd_banner=XXXX.com FTP server
anonymous_enable=NO
local_enable=YES
virtual_use_local_privs=YES
write_enable=YES
guest_enable=YES
guest_username=[USER]
chroot_local_user=YES
hide_ids=YES
user_config_dir=/etc/vsftpd/users
The [USER] entry is the actual system user that you wish the ftp users to act as when working with the local filesystem. So technically all files will be owned by the same system user, but each user is locked to their own respective directory anyway. Although one aspect of this is you can create an administrative account that is rooted right above all the per-user directories and can then access everything.
Of course, if you'd prefer you could create actual system accounts for each user, but since they'll never do anything but use ftp it seems more overhead than its worth.
To support password lookup without requiring an actual system user, I added a PAM configuration file to reference a separate password file for vsftpd.
# /etc/pam.d/vsftpd
auth required pam_pwdfile.so pwdfile /etc/vsftpd/passwd
account required pam_permit.so
The /etc/vsftpd/passwd file can be maintained with htpasswd from Apache, for example.
Now, in my case there wasn't always a clean mapping between user and directory, so I implemented per-user configuration files (in /etc/vsftpd/users via the userconfigdir setting) each of which had at least one configuration line setting local_root appropriately, as in:
# /etc/vsftpd/users/someuser
local_root=
But if you can keep your directory names matching the account names, then vsftpd has some other options to make that easier by setting usersubtoken, and then assigning your dedicated "guest" user a home directory including that token, which then gets replaced with the virtual username.
So, for example, if usersubtoken was set to "$USER", and your guest user (say "student") has a home directory of /srv/students/$USER, then logging in with a virtual user of "fred" will lock that ftp session to the /srv/students/fred folder (which must already exist).
Hope that gives you some ideas.
– David
Otherwise, one clever student, and you're wasting hours debugging your VPS system, or just trashing every students work and starting fresh.
Get a reseller account on any one of the shared hosting services (I like Downtownhost - search for coupons online - cheap, good for shared hosting - decent support).
As the saying goes - why reinvent the wheel - stick with what worked before.
@vonskippy:
Otherwise, one clever student, and you're wasting hours debugging your VPS system, or just trashing every students work and starting fresh.
That kind of hits the nail on the head. I am a fulltime faculty member and I simply have zero time for fussing around with a system.
@vonskippy:
Get a reseller account on any one of the shared hosting services
…and we're right back where I started. In all my searching, I have had a hard time finding a place that allows more than just a couple simultaneous ftp connections from a single IP. Same old same old every email or live-chat that I do.
That way you get the best of both worlds, you get the vps you want and don't have to touch it.
Why not use a php upload script or html 5 drag and drop. This would seem like the easiest way. Let the user login to the page then allow them to upload files.
Example:
@mnordhoff:
I am confused that SFTP has not been mentioned anywhere in this discussion…
As far as I know, there's not a convenient solution for using sftp without actual user accounts on the system, and when he's swapping students with this much volume and frequency, I'd say that's a must.
Really, I don't see the need for managed in this case. Proftpd, virtual hosting with MySQL, a simple script on the server to turn a text file full of names into database entries, voila!
I'd recommend setting it up to serve FTPS, but even then, that just adds protection for your students.
Installing cpanel is easy as 123! Every noob can do it!