HPE Community
Operating System - Linux
1822552 Members
2931 Online
109642 Solutions
New Discussion юеВ

"Restrict User to his Home directory during FTP"

 
SOLVED
Go to solution
Tania Ap. Serpa Martins
Advisor

тАО04-13-2005 05:12 AM

тАО04-13-2005 05:12 AM

"Restrict User to his Home directory during FTP"

People,

I have read about ftpaccess and wu-ftp, and I would like to know if there is someone that had implemented FTP for users and they are restricted to access their HOME directory during FTP process. What tool was used to implement it?
If you want something, you need to persist to get that.
0 Kudos
7 REPLIES 7
RAC_1
Honored Contributor

тАО04-13-2005 06:01 AM

тАО04-13-2005 06:01 AM

Re: "Restrict User to his Home directory during FTP"

Does it help, if you set perms correctly??

eg. /home/xxx will be owned by xxx with 755 perms only. /home will be owned by root with 755
There is no substitute to HARDWORK
0 Kudos
Slawomir Gora
Honored Contributor

тАО04-13-2005 06:14 AM

тАО04-13-2005 06:14 AM

Re: "Restrict User to his Home directory during FTP"

Hi,

I recommend you proftpd server
http://www.proftpd.org/

If you want restricted access to users home directory just uncomment (or add) below line in proftpd config file (/etc/proftpd.conf)

DefaultRoot ~

0 Kudos
Rick Garland
Honored Contributor

тАО04-13-2005 07:44 AM

тАО04-13-2005 07:44 AM

Re: "Restrict User to his Home directory during FTP"

You can setup a 'chroot' for this account. The directory they can ftp to is the root directory as they see it. They can traverse down the directory structure from the $HOME (including mkdir) but they will not be able to go any higher than $HOME. Basically they are kept in a chroot jail.

Note that this setup can be accomplished for user ftp access to other directories as well.

Look up 'chroot'. There is lots of info for this.
0 Kudos
Stuart Browne
Honored Contributor

тАО04-13-2005 12:43 PM

тАО04-13-2005 12:43 PM

Solution

Re: "Restrict User to his Home directory during FTP"

Rick is right on the money!

'man ftpaccess', search for 'chroot'.

In most recent distributions, this is the default environment.

If using an older distribution (older than RH8), then you may need to update the FTP server you are using, to either a newer wu-ftpd, or to something better (proftpd, or vsftpd).

If the users who are accessing this system are coming from another Linux/Unix box, it may also be wise to investigate the use of SSH/SCP/SFTP instead.
One long-haired git at your service...
0 Kudos
Tania Ap. Serpa Martins
Advisor

тАО04-13-2005 10:32 PM

тАО04-13-2005 10:32 PM

Re: "Restrict User to his Home directory during FTP"

I would like thank you everybody for the response. I could make test with FTPACCESS and it have ran without problem, the way what I want. But when users in Restrict mode the commands like ls -l, dir don├В┬┤t run, only command ls like ftp anonymous.

Thanks a lo
If you want something, you need to persist to get that.
0 Kudos
Rick Garland
Honored Contributor

тАО04-14-2005 05:15 AM

тАО04-14-2005 05:15 AM

Re: "Restrict User to his Home directory during FTP"

When you setup a chroot jail, you create a directory structure under the specific users home that contains the various commands such as 'ls'.

This is required because the user cannot go any higher, this is the root directory to the user. All other commands (/usr/bin, /usr/sbin, etc.) are unknown because of the chroot jail.

Research the chroot. You will find that you need to copy some of the commands to the chroot jail for the specific user.
0 Kudos
Tania Ap. Serpa Martins
Advisor

тАО04-14-2005 05:53 AM

тАО04-14-2005 05:53 AM

Re: "Restrict User to his Home directory during FTP"

Thank you everybody, now I can restrict user in your Home directory with FTPACCESS"

Best Regards,

Tania
If you want something, you need to persist to get that.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.