Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Different users for Tentacle, SSH or FTP
#1
Hi

Does anyone have already tried to use the File Transfer (even if through Tentacle, SSH or FTP) setting one user and password for each agent? I have several agents to monitor which I'm not the owner and I'm not comfortable to provide a single password for all of them because of security reasons.

I'm thinking of setting a FTP server and provide a user for each agent, but I'm not quite sure on how can I do that. It will be possible to set one FTP server different form the Pandora's?


Thanks for helping,
Thiago Lima
 Reply
#2
Hi Thiago,

yes, you can use a FTP server. You have to point to the database where you staying users and passwords. This would be possible. Attached is a link to "pureftp" documentation .


http://download.pureftpd.org/pub/pure-ft...ADME.MySQL


Regards,

Sergio
 Reply
#3
Hi Sergio,

Thank you for your prompt reply! That's a very useful information already, but what I really want is set the pandora_agent.conf on each monitored Agent to use FTP and with a single combination of user and password. Then I don't want to use the user set on my Pandora FMS server and, instead, use the credentials set on the FTP server.

Do you know if is that possible to be done?


Thanks,
Thiago Lima
 Reply
#4
Yes,

in Agent Configuration File:

# Transfer mode: tentacle, ftp, ssh or local
transfer_mode tentacle

You can change "transfer_mode" to ftp.

Regards,

Sergio
 Reply
#5
Hi Sergio,

After changing this to FTP the user and password parameters of the settings file won't be used so are the software agents going to use the FTP credentials instead?
 Reply
#6
Exactly,

to change this, the server will stop Tentacle used and the FTP server is used.

A greeting,

Sergio
 Reply
#7
Hi Sergio,

Thanks for all the good information. These allowed me to avoid a lot of testing and saved me a bunch of time. I have installed a Pure FTP server as your suggestion and, as per the paper of the link that I'm writing below, is the most secure between it, ProFTPd and vsftpd.

The credentials are also created and working properly, the root directory is set as /var/spool/pandora/data_in so all of the users are gonna write the data files on the native path. This is good to avoid any workaround and unecessary file movement.

Now I'm facing a problem that the software agent is indeed using the password I have set, but the user is being passed as the user which run the software agent (at this moment is root). Since the server_opts parameter only affect the Tentacle protocol, I have my hands tied and I can see no option beside run the agent as the same user that I have set on the FTP (which is good, already).

So this is what I'm working on so far. As soon as I get something I'll let you know. If you have any further suggestion, it would be awesome if you could share it.


Once again, thanks for the help so far.
Thiago Lima

Reference: Evaluating FTP Servers - http://systembash.com/content/evaluating...vs-vsftpd/
 Reply


Users browsing this thread: 1 Guest(s)


(c) 2006-2018 Artica Soluciones Tecnol├│gicas. Contents of this wiki are under Create Common Attribution v3 licence. | pandorafms.com | pandorafms.org

Theme © MyBB Themes