Created
June 5, 2012 18:55
Linux users and vsftp
Yes, it is this simple: creating a new user for FTP access in vsftpd is as easy as creating a new valid Linux system user.
# useradd username
# passwd username
Disable SSH access for FTP users
The default user creation script will give a user the /bin/bash shell, which can be a little too powerful. If you don't want your users logging into your server via SSH, we need to know how to block this access. If you change the shell to /sbin/nologin (or /bin/false), the users will only be able to log in via FTP, or mail if you have that set up. Here is how to modify your users:
# usermod -s /sbin/nologin username
Chroot a user
Probably the most important part of this article is the ability to lock a user down to their own home directory so they don't go around mucking with things they aren't supposed to. The beauty of this is that it is a function built in to vsftpd and was partially covered in the Installing vsftpd article. All you have to do is add the username to the file /etc/vsftpd/chroot_list, each user on their own line, with chroot_list_enable=YES set in vsftpd.conf as described below.
That pretty much covers it for vsftpd, and at this point you should be able to create a new system user, set them up for vsftpd and do some basic tweaks to their access level. These last two articles dealt with vsftpd in a CentOS Linux system. Now we will show you how to install vsftpd on a server running Ubuntu.
--------------------------------------------------------------------------------------------------------------------------
#edit /etc/vsftpd/vsftpd.conf or /opt/etc/vsftpd.conf
Open the vsftpd.conf file and search for chroot_list_enable=YES
Make sure it is YES. Do the same for the following variables
chroot_list_file=/etc/vsftpd.chroot_list or /opt/etc/vsftpd.chroot_list
chroot_list_enable=YES
Save and close the file
Create vsftpd.chroot_list in /etc/ or /opt/etc/
Add the username you want to export to ftp.
IMP: The user must already be a system user with a valid passwd. You must be able to find /home/
If the user you want to add is not a system user then create that user first before editing the above file.
#adduser
#passwd
Restart the vsftpd server using /etc/init.d/vsftpd restart or service vsftpd restart
Now you can log into ftp using the new user.
# /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
# jail the users to their home dir
chroot_list_enable=NO
chroot_local_user=YES
# create that file (vsftpd reads it only when chroot_list_enable=YES)
chroot_list_file=/etc/vsftpd/chroot_list
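The two chroot settings above interact: per vsftpd.conf(5), with chroot_local_user=YES a user named in chroot_list_file is exempted from the jail instead of being placed in it. The shell sketch below is an added example, not part of the original gist, that reports what a given configuration means for one user. The function names, the sample users alice and bob, and accepting only a bare YES or NO as a valid value are assumptions.

```shell
#!/bin/sh
# Added example: report whether vsftpd would chroot a given local user.

# conf_get FILE KEY DEFAULT: last value assigned to KEY, else DEFAULT.
conf_get() {
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1)
    printf '%s\n' "${v:-$3}"
}

# conf_bool FILE KEY DEFAULT: print YES or NO. Anything else, including a
# value followed by a space or an inline comment, is rejected (status 2).
conf_bool() {
    b=$(conf_get "$1" "$2" "$3")
    case $b in
        YES|NO) printf '%s\n' "$b" ;;
        *) echo "invalid value for $2: '$b'" >&2; return 2 ;;
    esac
}

# jail_state CONF USER [LIST]: print "chroot" or "no-chroot".
# LIST overrides chroot_list_file so a copy of the list can be checked.
jail_state() {
    all=$(conf_bool "$1" chroot_local_user NO) || return 2
    use_list=$(conf_bool "$1" chroot_list_enable NO) || return 2
    list=${3:-$(conf_get "$1" chroot_list_file /etc/vsftpd.chroot_list)}
    listed=NO
    if [ "$use_list" = YES ] && grep -qxF -- "$2" "$list" 2>/dev/null; then
        listed=YES
    fi
    # Being listed flips the default set by chroot_local_user.
    if [ "$all" != "$listed" ]; then echo chroot; else echo no-chroot; fi
}

# Constructed sample files (user names alice and bob are made up).
demo() {
    d=$(mktemp -d) || return 1
    printf 'alice\n' > "$d/list"
    printf 'chroot_list_enable=YES\n' > "$d/a.conf"
    printf 'chroot_local_user=YES\nchroot_list_enable=YES\n' > "$d/b.conf"
    printf 'chroot_local_user=YES\nchroot_list_enable=NO /* jail */\n' > "$d/c.conf"
    for c in a b c; do
        for u in alice bob; do
            echo "$c.conf $u: $(jail_state "$d/$c.conf" "$u" "$d/list" 2>&1)"
        done
    done
    rm -rf "$d"
}
demo
```

On a real host, run `jail_state /etc/vsftpd/vsftpd.conf username` after every configuration change and before handing out the account.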