LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-26-2006, 12:36 PM   #1
manish_meet_in
Member
 
Registered: Apr 2006
Posts: 40

Rep: Reputation: 15
how to restrict ftp user


hi

I configured vsftpd in RHL 9.0. I created virtual users
test1 to ftp file in to /var/ftp/pub/upload directory.
I set users with sh /dev/null so users can't telnet.

I don't want to give access to ftp users for other commands like "cd" otherwise they will change dir and ftp in other directory.

I don't want to allow ftp user to change directory ? How?

Is there anybody can help me...

Thanks
 
Old 05-26-2006, 12:56 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
clearly not an intro. please choose your forums more carefully next time. moved to Linux - Newbie.
 
Old 05-29-2006, 03:07 AM   #3
asheesh.tyagi
Member
 
Registered: Apr 2005
Location: Delhi,India
Distribution: Red Hat
Posts: 35

Rep: Reputation: 15
Run vsftpd in chrooted environment.in this environment users will not be able to go outside there
home directories.Home directories will work as / for users.
 
Old 05-29-2006, 04:45 AM   #4
timmeke
Senior Member
 
Registered: Nov 2005
Location: Belgium
Distribution: Red Hat, Fedora
Posts: 1,515

Rep: Reputation: 61
The cmds_allowed option of vsftpd.conf should be useful to you if you want more control over specific FTP
commands.
However, chroot'ing probably is the easiest way.

Do take into account that virtual users are mapped to a single real user, so they are all chroot'ed to the same home directory, unless you use the user_config_dir option of vsftpd.
 
Old 05-30-2006, 07:49 AM   #5
manish_meet_in
Member
 
Registered: Apr 2006
Posts: 40

Original Poster
Rep: Reputation: 15
Hi asheesh

After change chroot variable it is working fine.

Thanks a lot...
 
Old 05-30-2006, 07:51 AM   #6
manish_meet_in
Member
 
Registered: Apr 2006
Posts: 40

Original Poster
Rep: Reputation: 15
Hi Timmeke

I havn't found any cmd_allows options in vsftpd.conf file in Linux.
Can you please let us know ....

Thanks
 
Old 05-30-2006, 09:18 AM   #7
timmeke
Senior Member
 
Registered: Nov 2005
Location: Belgium
Distribution: Red Hat, Fedora
Posts: 1,515

Rep: Reputation: 61
From
Code:
man vsftpd.conf
cmds_allowed:

This options specifies a comma separated list of allowed FTP
commands (post login. USER, PASS and QUIT are always allowed
pre-login). Other commands are rejected. This is a powerful
method of really locking down an FTP server. Example:
cmds_allowed=PASV,RETR,QUIT

Default: (none)
 
Old 05-31-2006, 08:13 AM   #8
manish_meet_in
Member
 
Registered: Apr 2006
Posts: 40

Original Poster
Rep: Reputation: 15
Hi

I search cmd_allows command in vsftpd.conf file but I coudn't find anything in it.
 
Old 05-31-2006, 08:43 AM   #9
asheesh.tyagi
Member
 
Registered: Apr 2005
Location: Delhi,India
Distribution: Red Hat
Posts: 35

Rep: Reputation: 15
it is cmds_allowed and search in man vsftpd.conf as file vsftpd.conf does not contains
all the available options.
 
Old 05-31-2006, 11:52 PM   #10
joseph
Member
 
Registered: Jun 2003
Location: Batam
Distribution: Ubuntu 10 And Linux Mint
Posts: 414

Rep: Reputation: 30
Quote:
Originally Posted by manish_meet_in
hi

I don't want to allow ftp user to change directory ? How?

Is there anybody can help me...

Thanks
if your vsftpd.conf, edit the following line if exist and add it if not

Code:
chroot_local_user=YES
The above line should jailed the user to their home directory if they are connecting to your ftp server using ftp client such as filezilla, cuteftp, etc
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
restrict from internet/setup ftp, please help westverg Linux - Networking 4 12-02-2005 07:25 PM
can you restrict ftp USER access to certain ips? linuxboy69 Linux - Software 2 02-26-2004 04:05 PM
Restrict User to FTP Only maxhugen Linux - Security 3 10-23-2003 06:01 PM
How to restrict user (FTP)? Rex_chaos Linux - Networking 2 03-19-2003 04:48 AM
how can I restrict ftp users listing files from a pure-ftp server adrianmak Linux - Networking 2 12-31-2002 08:23 AM


All times are GMT -5. The time now is 10:26 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration