Find the answer to your Linux question:
Results 1 to 7 of 7
Dear All, I would like to create new user where there can both ftp and also ssh to my server. The problem when they login either via ssh or ftp ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jul 2010
    Posts
    72

    Control access to folder both from ssh and ftp.


    Dear All,
    I would like to create new user where there can both ftp and also ssh to my server. The problem when they login either via ssh or ftp I just want them to be able to see only particular folder and not other folder. How can I control that? Thank you.

  2. #2
    Just Joined!
    Join Date
    Feb 2010
    Posts
    8
    Hi,

    To be frank I am not much sure on this . There will be a hook to ftpd to authenticate the user, may be little playing around this hook you will be able to control the users previlege.

    For SSHed restriction you need to work much on fine grained ACL's (Access control list). At extreme case there are some third party tools like selinux, grsecurity using which you can satisfy your needs. To be frank my suggestions are just an idea not a perfect one.

    Thanks,
    Jai

  3. #3
    Just Joined!
    Join Date
    Aug 2009
    Posts
    83
    - A FTP daemon like Vsftpd comes with extensive documentation. Grep it for the term' chroot' and you'll even find xamples on how to set up a confined user account. On top of that Vsftpd allows for virtual user accounts so you don't have to allow them a regular account and login as well.
    - OpenSSH since 4.9p1 (or 5.2?) has chroot functionality built in. See 'man 5 sshd_config' for the "ChrootDirectory" option.
    - If by SSH you mean a "FTP-like SSH equivalent" see restricted shells like 'scponly' with which you can confine a user to only use SCP or SFTP (not to be confused with secure FTP aka FTPS) so the user can not log in interactively or execute commands remotely.

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Jul 2010
    Posts
    72
    Dear All,
    I am using centos 5.5. So meaning I must first install Vsftpd is it? So any other fine tutorial for me to follow as I am very new into this. Thank you.

  6. #5
    Just Joined!
    Join Date
    Aug 2009
    Posts
    83
    Yes, to use software you have to install it. Being new to this is not the problem but not being able to read will be. Just run 'yum install vsftpd' (vsftpd-2.0.5 being current as far as I know) then read the documentation in /usr/share/doc/vsftpd-2.0.5 and see the examples in /usr/share/doc/vsftpd-2.0.5/EXAMPLE. After that make a backup of your /etc/vsftpd/vsftpd.conf for later reference, modify it from what you've read and try it. Also see Red Hat / CentOS VSFTPD FTP Server Configuration.

  7. #6
    Just Joined!
    Join Date
    Jul 2010
    Posts
    72
    Dear unspawn,
    I have install it. So I have gone to my /usr/share/doc/vsftpd-2.0.5 folder. So which file your want me to read is it the README. So how activate it? Then once any of my user would want to ftp will have to pass through this software is it? Thank you.

  8. #7
    Just Joined!
    Join Date
    Aug 2009
    Posts
    83
    Quote Originally Posted by newbie14 View Post
    So I have gone to my /usr/share/doc/vsftpd-2.0.5 folder. So which file your want me to read is it the README.
    I do not want you to read anything. You must want to read it yourself to understand what you will be using. So. Did you read all of /usr/share/doc/vsftpd-2.0.5 and some of the examples in /usr/share/doc/vsftpd-2.0.5/EXAMPLE?


    Quote Originally Posted by newbie14 View Post
    So how activate it?
    Did you make a backup of your /etc/vsftpd/vsftpd.conf? Did you modify it from what you've read? After that run '/etc/init.d/vsftpd start' to run the FTP daemon. Now you can test your login.


    Quote Originally Posted by newbie14 View Post
    Then once any of my user would want to ftp will have to pass through this software is it?
    That's the idea, yes.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •