How to create an SFTP user


1) Log into SFTP server.

2) Create the SFTP user with no shell.
useradd -s /sbin/nologin -d /home/UserName -m UserName

3) Create the directory to upload files.
mkdir -p /home/UserName/ftpsite/upload

4) Change the ownership of the user’s home directory.
chown root:root /home/UserName
chown root:root /home/UserName/ftpsite

5) Change the ownership of the user’s upload directory.
chown UserName:sftp /home/UserName/ftpsite/upload

6) Set the group ‘sftp’ for the ‘UserName’.
usermod -g sftp UserName

7) Add the new user to SSH configuration
File: /etc/ssh/sshd_config

Configuration:

Subsystem sftp internal-sftp
AllowUsers UserName UserName1 UserName2
Match Group sftp
    ChrootDirectory /home/%u/ftpsite
    ForceCommand internal-sftp
    AllowTcpForwarding no

8) Restart the SSH daemon.
/etc/init.d/sshd restart

Connect to the SFTP server and upload files to check the functionality.

Port: 22
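
A check for steps 3 to 5, added here as an example and not part of the original procedure: sshd rejects the session unless the ChrootDirectory and every directory above it is owned by root and not writable by group or others. The function names are illustrative and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: verify that a ChrootDirectory path satisfies sshd's rule.
# Assumes GNU coreutils stat (-c); function names are illustrative.

# component_ok UID MODE: succeed only if the owner is root (uid 0) and the
# octal MODE has neither the group-write (020) nor other-write (002) bit.
component_ok() {
    [ "$1" -eq 0 ] || return 1
    [ $(( 0$2 & 022 )) -eq 0 ]
}

# check_chroot_path DIR: test DIR (absolute path) and every parent up to /,
# print one line per component, return non-zero if any component fails.
check_chroot_path() {
    p=$1
    rc=0
    while :; do
        if [ ! -d "$p" ]; then
            echo "FAIL $p (not a directory)"; rc=1
        else
            meta=$(stat -c '%u %a' "$p")
            if component_ok "${meta% *}" "${meta#* }"; then
                echo "ok   $p"
            else
                echo "FAIL $p (uid=${meta% *} mode=${meta#* })"; rc=1
            fi
        fi
        # Stop at the root; "." only appears if a relative path was given.
        case $p in /|.) break ;; esac
        p=$(dirname "$p")
    done
    return $rc
}

# Usage: sh check_chroot.sh /home/UserName/ftpsite
if [ "$#" -gt 0 ]; then
    check_chroot_path "$1"
fi
```

The upload directory itself is expected to fail this check, since it is owned by the user; only the chroot path and its parents must pass. Running sshd -t before step 8 validates the edited sshd_config without restarting the daemon.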

 

Dealing with Shortcut Virus in Windows OS

The most common virus menace for Windows users is the shortcut virus, which changes all the files and folders on your pendrive to shortcuts. It’s a familiar problem among most college students. We have all tried to use the ineffective shortcut virus remover, a third-party software, to solve the problem. But it is very simple to deal with.

Delete all the shortcuts from the pendrive. They can be identified by the arrow symbol on their icons and usually have a size of less than 4 kB.
1) Now open command prompt.
2) Go to the pendrive by typing cd /d <letter assigned to drive>:
3) Now enter the magic line attrib -s -h /S /D
4) Wait for some time… It’s done! All your files and folders are back.

The secret behind this:
The virus only changes the folders’ system attributes, makes them hidden and creates shortcuts. So by removing the shortcuts, and removing the hidden and system attributes from all files and folders, you have terminated the virus without a trace!

Export/Import PuTTY sessions from registry

PuTTY sessions and settings are saved in the registry. To export them, run the following command in the Windows command prompt:

regedit /e "%userprofile%\desktop\putty-registry.reg" HKEY_CURRENT_USER\Software\Simontatham

A file will be saved. Copy that file to the destination computer and double-click it to import the settings.

Increase the screen timeout in Windows OS

Add this setting to the registry to increase the screen timeout in Windows operating system. Open your registry and find or create the key below:

HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Control Panel\Desktop\

Create a new ‘REG_SZ’ value, or modify the existing value, called “ScreenSaveTimeOut” and set it according to the value data below. Exit your registry; you may need to restart or log out of Windows for the change to take effect.

Note: This functionality requires Windows NT Service Pack 4 or higher or Windows 2000.

Registry Settings
User Key: [HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Control Panel\Desktop]
Value Name: ScreenSaveTimeOut
Data Type: REG_SZ
Value Data: 984567843219987654321 (This is in seconds. 60 seconds = 1 minute). Don’t set it to below 60 seconds. 

If you want to disable the ‘ScreenSaveTimeOut’ option, you need to delete this value.

Disclaimer: Modifying the registry can cause serious problems that may require you to reinstall your operating system. We cannot guarantee that problems resulting from modifications to the registry can be solved. Use the information provided at your own risk.

Difference between Active and Passive FTP | plus difference between port 20 and 21

Active and passive are the two modes that FTP can run in. FTP uses two channels between client and server, the command channel and the data channel, which are actually separate TCP connections. The command channel is for commands and responses, the data channel is for actually transferring files. It’s a nifty way of sending commands to the server without having to wait for the current data transfer to finish.

In active mode, the client establishes the command channel (from client port X to server port 21(b)) but the server establishes the data channel (from server port 20(b) to client port Y, where Y has been supplied by the client).

In passive mode, the client establishes both channels. In that case, the server tells the client which port should be used for the data channel.

Passive mode is generally used in situations where the FTP server is not able to establish the data channel. One of the major reasons for this is network firewalls. While you may have a firewall rule which allows you to open up FTP channels to ftp.microsoft.com, Microsoft’s servers may not have the power to open up the data channel back through your firewall.

Passive mode solves this by opening up both types of channel from the client side. In order to make this hopefully clearer:

Active mode:

Client opens up command channel from client port 2000(a) to server port 21(b).
Client sends PORT 2001(a) to server and server acknowledges on command channel.
Server opens up data channel from server port 20(b) to client port 2001(a).
Client acknowledges on data channel.

Passive mode:

Client opens up command channel from client port 2000(a) to server port 21(b).
Client sends PASV to server on command channel.
Server sends back (on command channel) PORT 1234(a) after starting to listen on that port.
Client opens up data channel from client 2001(a) to server port 1234(a).
Server acknowledges on data channel.

At this point, the command and data channels are both open.

(a)Note that the selection of ports on the client side is up to the client, as the selection of the server data channel port in passive mode is up to the server.

(b)Further note that the use of port 20 and 21 is only a convention (although a strong one). There’s no absolute requirement that those ports be used although the client and server both have to agree on which ports are being used. I’ve seen implementations that try to hide from clients by using different ports (futile, in my opinion).
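
The walkthrough above writes the ports as plain numbers; on the wire, RFC 959 encodes the data-channel address as six comma-separated bytes (h1,h2,h3,h4,p1,p2), with the port equal to p1*256+p2. The following added example, which is not part of the original article, decodes a command-channel line the way a firewall's FTP helper must in order to know which data connection to allow; the function name and the sample addresses are constructed.

```shell
#!/bin/sh
# Added example: derive the expected data connection from one
# command-channel line. Handles the client's PORT command (active mode)
# and the server's 227 reply to PASV (passive mode, parenthesised form).
# Prints: MODE INITIATOR DEST_IP DEST_PORT
ftp_data_channel() {
    line=$(printf '%s' "$1" | tr -d '\r')      # FTP lines end in CRLF
    case $line in
        PORT\ *) mode=active;  who=server; nums=${line#PORT } ;;
        227\ *)  mode=passive; who=client
                 nums=${line#*"("}; nums=${nums%%")"*} ;;
        *) return 1 ;;                          # not a data-channel line
    esac
    old_ifs=$IFS; IFS=,
    set -- $nums                                # split h1,h2,h3,h4,p1,p2
    IFS=$old_ifs
    [ "$#" -eq 6 ] || return 1
    for n in "$@"; do
        # Reject empty, non-numeric, zero-padded or out-of-range bytes.
        case $n in ''|*[!0-9]*|0?*) return 1 ;; esac
        [ "$n" -le 255 ] || return 1
    done
    echo "$mode $who $1.$2.$3.$4 $(( $5 * 256 + $6 ))"
}

# Constructed sample lines (documentation addresses) using the ports
# from the walkthrough: 2001 = 7*256+209, 1234 = 4*256+210.
ftp_data_channel 'PORT 192,0,2,10,7,209'
ftp_data_channel '227 Entering Passive Mode (198,51,100,5,4,210)'
```

In active mode the server is the initiator and the destination is the client's address, so the client-side firewall has to accept an inbound connection; in passive mode both connections are outbound from the client.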

Disable the Lock Workstation Button

Add this setting to the registry to stop unauthorized users from locking machines from the Windows Security dialog box. Open your registry and find or create the key below.

Create a new DWORD value, or modify the existing value, called “DisableLockWorkstation” and set it according to the value data below. Exit your registry; you may need to restart or log out of Windows for the change to take effect.

Note: This functionality requires Windows NT Service Pack 4 or higher or Windows 2000.

Registry Settings
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
Value Name: DisableLockWorkstation
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disabled, 1 = enabled)
