Operating System - HP-UX
1748069 Members
5205 Online
108758 Solutions
New Discussion юеВ

Re: how to restrict my one ftp user account only access his home directory

 
Eric  Unix
Frequent Advisor

how to restrict my one ftp user account only access his home directory

Hello All

I have created one ftp user account 'abc', and his home directory is '/home/abc'. How can i restricted him only get and upload data in his own home directory '/home/abc' ?

Ps :
I have created the 'abc' account, and use /usr/bin/false to let him cannot use telnet login.

Best Regards
Eric
Look forward
6 REPLIES 6
UVK
Trusted Contributor

Re: how to restrict my one ftp user account only access his home directory

Eric,

Have you heard of "chroot jail", you should be able to implement that here to solve your problem for info read the below wiki page

http://en.wikipedia.org/wiki/Chroot_jail

Hope that helps.

-uvk
-------------------------------------------
Like it or worked !! Click kudos !!
Eric  Unix
Frequent Advisor

Re: how to restrict my one ftp user account only access his home directory

Hello UVK

Thanks for your messages, but dont understand it. Does there are any simple method ?

BR
eric
Look forward
Tingli
Esteemed Contributor

Re: how to restrict my one ftp user account only access his home directory

Or, you can use restricted shell. It is defined by /usr/lib/rsh.
smatador
Honored Contributor

Re: how to restrict my one ftp user account only access his home directory

Hi,
There is a recent thread about this
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1327896
and many other for example
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=67609
In fact, you should consider created a chroot restricted ftp "a jail" with some ftp server like ProFtpd or change the permission
look a this paper
http://www.packetstormsecurity.org/0001-exploits/mi009en.htm
Hope it helps



Jeff Gyurko
Frequent Advisor

Re: how to restrict my one ftp user account only access his home directory

Hi Eric,

Quite simple actually. Create a group called ftpgroup. Add the user to want (in your case abc) to this group. Then as a home directory in the password file you would put the home directory for this user as /home/abc/./

When the user ftp's into the server, the home directory will be displayed as / while it's really /home/abc. This will prevent the user from being able to traverse up the directory tree, only down.
Steven Schweda
Honored Contributor

Re: how to restrict my one ftp user account only access his home directory

"man ftpd", look for "guest". Or do a Forum
search, and find some of the very many other,
similar requests?