vsftpd users

sailingbikeruk · 08-02-2010, 01:07 PM

I am new to Linux so thought it would be a good learning exercise to try and setup an FTP server using linux.

I have downloaded and installed Ubuntu 10 server edition and installed vsftpd, following instructions found on here I have configured the software and I can connect from an FTP client on my windows PC across the internal LAN.

I have a couple of questions if I may:

1) a post on this forum suggests that local users can access the FTP server if the correct line is enabled in vsftpd.conf - I have done this and the fact that I can access it shows this is working I would think, however users added subsequently with the useradd command cannot access the server. Filezilla shows a could not connect to server error.

I have restarted vsftpd using - service vsftpd restart

still no success -

to confirm:

ian can logon
bennett can't

2) how do I give the server a fixed IPv4 address? It is currently using DHCP

3) I need to be able to put files into users folders for them to access offsite, but I don't want them to see each others files\folders, can I do this?

superfridi · 08-03-2010, 06:18 AM

I can help you only on DHCP.

-as your ftp server is a dhcp client. so in the dchpd server you have to reserve ip for the client pc(your ftp server). for more info on dhcp search for dhcpd.conf

Wim Sturkenboom · 08-03-2010, 08:17 AM

For 1:

Code:

userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd.user_list

Do you have lines like the above? The users might not be in the user list.
Maybe you can attach your vsftpd.conf file.

For 3:

Code:

#WimS; additional config
#jail user to their homedirectory
chroot_local_user=YES

The above lines in your vsftpd.conf (probably in /etc) will prevent users snooping outside their home directories. It's a good practice anyway as that way they can not get to sensitive system files.

sailingbikeruk · 08-06-2010, 03:19 AM

Quote:

For 3:

Code:

#WimS; additional config
#jail user to their homedirectory
chroot_local_user=YES

The above lines in your vsftpd.conf (probably in /etc) will prevent users snooping outside their home directories. It's a good practice anyway as that way they can not get to sensitive system files.

Will this not also jail me and prevent me from dropping files in their folders so they can dowmnload them?

the pc I am using as a test box is not on the network and I haven't got USB to work yet so getting files off it onto a machine I can access the internet isn't easy.

sailingbikeruk · 08-06-2010, 03:26 AM

Quote:

Originally Posted by superfridi

I can help you only on DHCP.

-as your ftp server is a dhcp client. so in the dchpd server you have to reserve ip for the client pc(your ftp server). for more info on dhcp search for dhcpd.conf

OK this was silly of me and adding a reservation in the DHCP server would be the easiest answer for now, however, eventually this will be in the DMZ and will be on a different subnet than the DHCP server.

When I changed /etc/network/interface to use a static IP the machine wouldn't boot and I had to re-install everything. Had I missed something, or is this all I need to do to allocate a static IP rather than a reservation?

Wim Sturkenboom · 08-06-2010, 04:34 AM

Quote:

Originally Posted by sailingbikeruk

Will this not also jail me and prevent me from dropping files in their folders so they can dowmnload them?

Yes; sorry but that requirement was not clear to me; thought you had other means to get the files there.