HPE Community
Operating System - Linux
1753613 Members
6239 Online
108797 Solutions
New Discussion юеВ

Re: Restict some users to do vsftp

 
restrict a perticular p
Occasional Advisor

тАО03-09-2010 06:23 AM

тАО03-09-2010 06:23 AM

Restict some users to do vsftp

Hi Gurus,

I need your help in restricting some users to use the service vsftp.

My system details are as follows

OS SLES Relase 9 update 4
vsftp version vsftpd-2.0.4-0.3

Any help with this reagrds is most welcome.
0 Kudos
Reply
7 REPLIES 7
Michal Kapalka (mikap)
Honored Contributor

тАО03-09-2010 06:46 AM

тАО03-09-2010 06:46 AM

Re: Restict some users to do vsftp

hi,

i think this could be the answer :

http://www.linuxforums.org/forum/redhat-fedora-linux-help/28309-ftp-only-account-vsftp.html

mikap
0 Kudos
Reply
restrict a perticular p
Occasional Advisor

тАО03-09-2010 08:33 AM

тАО03-09-2010 08:33 AM

Re: Restict some users to do vsftp

Thanks for your reply,
But that is not the solution i am looking for.

is there any other way to achieve this.

Regards
Anand
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО03-09-2010 11:56 AM

тАО03-09-2010 11:56 AM

Re: Restict some users to do vsftp

Shalom,

What kind of restrictions do you want to impose?

vsftpd has anonymous ftp enabled by default?

To provide a solution, a goal statement is needed. "Restricting some users..." Restricting them from doing what?

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
restrict a perticular p
Occasional Advisor

тАО03-10-2010 02:42 AM

тАО03-10-2010 02:42 AM

Re: Restict some users to do vsftp

Hi Protter,

Thanks for your reply.
below is my requirement,

I need to restict perticular user to use the vsftp service.

That mean the perticular user should not login to the server using vsftp.

For example: Say user abc and xyz are using vsftp to login to server, then I wanted to restrict user abc to login using vsftp and user xyz is allowd on the server to use vsftp.

hope this clears my requirement.
0 Kudos
Reply
Alexander Chuzhoy
Honored Contributor

тАО03-10-2010 04:04 AM

тАО03-10-2010 04:04 AM

Re: Restict some users to do vsftp

From "man vsftpd.conf":
The mentioned below options should be added to the vsftpd.conf file followed by restart of vsftpd:
userlist_deny
This option is examined if userlist_enable is activated. If you set this setting to NO, then users will be denied login unless they are
explicitly listed in the file specified by userlist_file. When login is denied, the denial is issued before the user is asked for a
password.

Default: YES

userlist_enable
If enabled, vsftpd will load a list of usernames, from the filename given by userlist_file. If a user tries to log in using a name in
this file, they will be denied before they are asked for a password. This may be useful in preventing cleartext passwords being trans-
mitted. See also userlist_deny.

Default: NO
0 Kudos
Reply
restrict a perticular p
Occasional Advisor

тАО03-12-2010 06:38 AM

тАО03-12-2010 06:38 AM

Re: Restict some users to do vsftp

I believe yes this is the solution.

I will try this solution in the test servers and let all of you know.

I am planning to do following in /etc/vsftpd.conf file


userlist_file/etc/vsftpd.user_list

userlist_enable=YES

userlist_deny=YES


If anyone already tried this solution or have other tested solution then please let me know.


0 Kudos
Reply
restrict a perticular p
Occasional Advisor

тАО03-12-2010 06:39 AM

тАО03-12-2010 06:39 AM

Re: Restict some users to do vsftp

Forgot to mention,
I will put the resticted user list in the file etc/vsftpd.user_list.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.