restricted ftp access

[doshiaj]

Hi,

On our deployment server, we have IP based restriction for accessing the ftp port from our local servers only. Now, for a application, I need to open ftp access to some clients as well. First, I will have to create a user for the client to login through ftp, correct me if I am wrong. Then, would it be possible to control the set of commands the client can fire through ftp? Like I want the client to restrict to only certain folders and only certain ftp commands like put only, no get etc. Can I do this? If yes, how?

Ankit

[kkubasik]

yes, you can. as far as put vs get, you can give them only read/execute/write access as i understand it. i think you can restric commands, but im not sure if all clients support that.

[sreenadh]

Hello,

Like guru said it is possible to restrict some commands. But not directly.... indirectly.
Means you cannot restrict the commands but you can change the permission of the User's default FTP directory. If ithe user has only read permission naturally the PUT command will not work.

You can put the client level restriction using a firewall. I will recommend iptables. It is powerful. It is flexible.

[stathisx]

you can give someone the commands to use in the specific folder..if you want to give him ls command do this:
cp /bin/ls /home/ftp/bin (folder home of the ftp user that has logged in).