HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

how to restrict my one ftp user account only access his home directory

 
Eric Unix
Frequent Advisor

how to restrict my one ftp user account only access his home directory

Hello All

I have created one ftp user account 'abc', and his home directory is '/home/abc'. How can i restricted him only get and upload data in his own home directory '/home/abc' ?

Ps :
I have created the 'abc' account, and use /usr/bin/false to let him cannot use telnet login.

Best Regards
Eric
Look forward
6 REPLIES
UVK
Trusted Contributor

Re: how to restrict my one ftp user account only access his home directory

Eric,

Have you heard of "chroot jail", you should be able to implement that here to solve your problem for info read the below wiki page

http://en.wikipedia.org/wiki/Chroot_jail

Hope that helps.

-uvk
-------------------------------------------
Like it or worked !! Click kudos !!
Eric Unix
Frequent Advisor

Re: how to restrict my one ftp user account only access his home directory

Hello UVK

Thanks for your messages, but dont understand it. Does there are any simple method ?

BR
eric
Look forward
Tingli
Esteemed Contributor

Re: how to restrict my one ftp user account only access his home directory

Or, you can use restricted shell. It is defined by /usr/lib/rsh.
smatador
Honored Contributor

Re: how to restrict my one ftp user account only access his home directory

Hi,
There is a recent thread about this
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1327896
and many other for example
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=67609
In fact, you should consider created a chroot restricted ftp "a jail" with some ftp server like ProFtpd or change the permission
look a this paper
http://www.packetstormsecurity.org/0001-exploits/mi009en.htm
Hope it helps



Jeff Gyurko
Frequent Advisor

Re: how to restrict my one ftp user account only access his home directory

Hi Eric,

Quite simple actually. Create a group called ftpgroup. Add the user to want (in your case abc) to this group. Then as a home directory in the password file you would put the home directory for this user as /home/abc/./

When the user ftp's into the server, the home directory will be displayed as / while it's really /home/abc. This will prevent the user from being able to traverse up the directory tree, only down.
Steven Schweda
Honored Contributor

Re: how to restrict my one ftp user account only access his home directory

"man ftpd", look for "guest". Or do a Forum
search, and find some of the very many other,
similar requests?