Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 13
Like Tree5Likes
Hi everyone, I'm tired to create FTP account log-in to directory and he cant browse other system files ? for example i want to create account when he loggin It ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jan 2014
    Posts
    6

    How to create FTP-account


    Hi everyone,


    I'm tired to create FTP account log-in to directory

    and he cant browse other system files ?

    for example i want to create account when he loggin

    It should be in /Home/php/ just this directory ..?

  2. #2
    Linux Newbie
    Join Date
    Aug 2010
    Posts
    232
    Give him ownership of just that directory.

  3. #3
    Just Joined!
    Join Date
    Jan 2014
    Posts
    6
    Quote Originally Posted by electroman6913 View Post
    Give him ownership of just that directory.
    I dont understand you ( ownership ) ?

    Is it somthing about vsftpd ?

    i try many ways to use vsftpd but doesnt work with me...

    thanks for post

  4. #4
    Linux Engineer
    Join Date
    Dec 2013
    Posts
    1,188
    You can set up a user account that uses /usr/sbin/nologin as it's shell. That prevents the user from being able to login.

    <username> is to be replaced with something appropriate. The commands will need to b run a sudo or root. Check for location of nologin - it may be /sbin/nologin
    Code:
    echo "/usr/sbin/nologin" >> /etc/shells
    useradd -s /usr/sbin/nologin <username>
    This should allow you to set your ftp so that the directory can be accessed but they can't access any other directories.
    sidzen likes this.

  5. #5
    Just Joined!
    Join Date
    Jan 2014
    Posts
    6
    Quote Originally Posted by gregm View Post
    You can set up a user account that uses /usr/sbin/nologin as it's shell. That prevents the user from being able to login.

    <username> is to be replaced with something appropriate. The commands will need to b run a sudo or root. Check for location of nologin - it may be /sbin/nologin
    Code:
    echo "/usr/sbin/nologin" >> /etc/shells
    useradd -s /usr/sbin/nologin <username>
    This should allow you to set your ftp so that the directory can be accessed but they can't access any other directories.

    Doesn't work

    it says when i log-in "Connection failed (Unable to access SFTP sub-system, operation failed.)"

  6. #6
    Linux Engineer
    Join Date
    Dec 2013
    Posts
    1,188
    You still have to set up your ftp server. A nologin shell prevents login access or a user. If your using vftpd the config file is /etc/vsftpd.conf. I think you'll need to set local_enable=yes and set the directory you want access to as the users home directory.
    i.e.
    Code:
    usermod -d /home/php <username>
    sidzen and KevinCooler like this.

  7. #7
    Just Joined!
    Join Date
    Jan 2014
    Posts
    6
    Quote Originally Posted by gregm View Post
    You still have to set up your ftp server. A nologin shell prevents login access or a user. If your using vftpd the config file is /etc/vsftpd.conf. I think you'll need to set local_enable=yes and set the directory you want access to as the users home directory.
    i.e.
    Code:
    usermod -d /home/php <username>
    Thanks gregm

    it works when login to /home/php/

    but now he can do anything! (root) , and he can back to server files

    I want make him cant leave his folder just to upload and download files

    Sorry for my bad English, I hope you understand me now

  8. #8
    Linux Engineer
    Join Date
    Dec 2013
    Posts
    1,188
    The user shouldn't be on there as root. How did you set the user up?

    Add this line to the configuration file:
    Code:
    chroot_local_user=YES
    but if they have root access you should change it. If that folder is owned by root you probably need to change owner and group for the folder.

  9. #9
    Just Joined!
    Join Date
    Jan 2014
    Posts
    6
    Quote Originally Posted by gregm View Post
    The user shouldn't be on there as root. How did you set the user up?

    Add this line to the configuration file:
    Code:
    chroot_local_user=YES
    but if they have root access you should change it. If that folder is owned by root you probably need to change owner and group for the folder.
    I gonna tell you all what i did to know whats wrong

    this is my vsftpd.conf setting...

    Code:
    # Example config file /etc/vsftpd.conf
    listen=YES
    #listen_ipv6=YES
    #anonymous_enable=YES
    local_enable=YES
    write_enable=YES
    #local_umask=022
    #anon_upload_enable=YES
    #anon_mkdir_write_enable=YES
    dirmessage_enable=YES
    xferlog_enable=YES
    connect_from_port_20=YES
    #chown_uploads=YES
    #chown_username=whoever
    #xferlog_file=/var/log/vsftpd.log
    #xferlog_std_format=YES
    #idle_session_timeout=600
    #data_connection_timeout=120
    #nopriv_user=ftpsecure
    #async_abor_enable=YES
    ascii_upload_enable=YES
    ascii_download_enable=YES
    ftpd_banner=Bienvenid@ al FTP.
    #deny_email_enable=YES
    #banned_email_file=/etc/vsftpd.banned_emails
    chroot_local_user=NO
    chroot_list_enable=YES
    chroot_list_file=/etc/vsftpd.chroot_list
    #ls_recurse_enable=YES
    secure_chroot_dir=/var/run/vsftpd
    pam_service_name=vsftpd
    userlist_enable=YES
    userlist_deny=NO
    rsa_cert_file=/etc/ssl/certs/vsftpd.pem

    Code:
    touch /etc/vsftpd.user_list
    touch /etc/vsftpd.chroot_list
    and I added user1 to this file

    then i added group

    groupadd ftpusers
    Code:
    useradd -g ftpusers -c user1 -d /home/php/ user1
    Code:
    chown ftpusers:user1 /home/php/
    Code:
    chmod 755 /home/php/
    Code:
    usermod -a -G ftpusers user1
    Can anyone tell me whats wrong?

  10. #10
    Just Joined!
    Join Date
    Apr 2013
    Posts
    69
    dirlist_enable
    If set to NO, all directory list commands will give permission denied.
    Default: YES


    chroot_local_user
    If set to YES, local users will be (by default) placed in a chroot() jail in their home directory after login. Warning: This option has security implications, especially if the users have upload permission, or shell access. Only enable if you know what you are doing. Note that these security implications are not vsftpd specific. They apply to all FTP daemons which offer to put local users in chroot() jails.
    Default: NO


    chroot_list_enable
    -If you set this one to YES, and chroot_local_user is set to NO (your case), then all users listed in /etc/vsftpd/chroot_list will be placed in a chroot() jail in their home directory upon login.
    -If you set this one to YES, and chroot_local_user is set to YES, then all users listed in /etc/vsftpd/chroot_list will NOT be placed in a chroot() jail in their home directory upon login.
    Default: NO

    (all three found in the man page of vsftp.conf)

    So, I guess that you may have forgot to add the user 'user1' to the
    /etc/vsftpd.chroot_list file ?
    KevinCooler and sidzen like this.

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •