Page 1 of 1

Default access rights for "anonymous" at NAS

PostPosted: Tue Dec 24, 2019 11:19 pm
by Hard-Boiled
Hi,
hope, this is the Right place to ask, didn't find answers in the FAQs.

There is an Option in ADM allowing "anonymous" Access for Public Folders for "FTP/WebDAV"
-> "Access Control-> Shared Folders -> publiv Folder -> Access Rights

Questions :
- However, I don't see the user "anonymous" in the user list, when checking "Access Control -> Local users" ?

- The Option mentioned above, mentions "FTP/WebDAV" , but doesn't mention SFTP ?

- What are the Default access-Rights for such an anonymous user at the NAS (assuming a clean NAS/ADM install) ? Access to all public ? Or, to just to an "anonymous user Directory" ?

- should i see the user "anonymous" in "System Information -> Online users" when somebody is using this ID, e.g. via SFTP ?

Thanks!

Re: Default access rights for "anonymous" at NAS

PostPosted: Wed Dec 25, 2019 12:47 am
by father.mande
Hi,
Hard-Boiled wrote:Hi,
hope, this is the Right place to ask, didn't find answers in the FAQs.
There is an Option in ADM allowing "anonymous" Access for Public Folders for "FTP/WebDAV"
-> "Access Control-> Shared Folders -> publiv Folder -> Access Rights
Questions :
- However, I don't see the user "anonymous" in the user list, when checking "Access Control -> Local users" ?
- The Option mentioned above, mentions "FTP/WebDAV" , but doesn't mention SFTP ?
- What are the Default access-Rights for such an anonymous user at the NAS (assuming a clean NAS/ADM install) ? Access to all public ? Or, to just to an "anonymous user Directory" ?
- should i see the user "anonymous" in "System Information -> Online users" when somebody is using this ID, e.g. via SFTP ?
Thanks!


Anonymous user is to designate ANY not define user try to connect to a site
Anonymous user is generally refused except
... on Web site without credentials
... on FTP (SFTP NOT ... require a know login so a define user) and WebDav (web access to folder)

SO :
you never see a user named Anonymous (don't exist in the NAS)
you can see a "guest" user generally used (with very low access right) by SMB (so in your local LAN), but also used by default to restrict access in an application to a non logged user
FTP and Webdav can manage by itself the view and authorization to access files and folder ... FTP recommend to move user anonymous is a chroot environment to avoid any risk for your data, FTP also don't open all folder by a specific one RESERVED for unknown user like Anonymous
Anonymous is any value ... sometimes mail address format is require.

Philippe.

Re: Default access rights for "anonymous" at NAS

PostPosted: Wed Dec 25, 2019 2:36 am
by Hard-Boiled
Hi,
thanks for your Feedback !

If've also found this on the net :

"If you need to transfer files over anonymous FTP, sftp is not the program to use. Because all sftp connections are encrypted, they require a username and password (or public key authentication). So, for anonymous FTP transfers, use regular ftp."


So, when i take this and Combine this with your Reply, this would mean to me, that it is NOT possible to log-in "anonymous" via SFTP" on the NAS. The only excemption would be, if i would provide a dedicated user named "anonymous" and a dedicated Password for this user. SFTP is also not using "guest".

PS: provided, this is also the "Default" setup for the ASUSTOR implementation.