LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 08-09-2008, 04:34 AM   #1
uncle-c
Member
 
Registered: Oct 2006
Location: The Ether
Distribution: Fedora 14, Ubuntu , Slax 5.1.8, OpenSolaris, Centos 4.8
Posts: 296

Rep: Reputation: 30
Which ftp server software "chroots" users by default.


Hi
I'm looking to install an ftp server on a machine, one which combines the best security practices along with ease and speed of configuration. Ideally I am looking for software which locks users ( anonymous or users with accounts ) into their home accounts like a "chroot jail" by default and hence does not let them traverse across the file system. However, I do not want to have to compile the software from source with special "chroot" options / parameters as that is not one of my strong points !
Any advice on which software would be best suited for my purposes ?
Thanks for the help.

Regards,
UC
 
Old 08-09-2008, 05:00 AM   #2
colucix
Moderator
 
Registered: Sep 2003
Location: Bologna
Distribution: CentOS 6.5 OpenSuSE 12.3
Posts: 10,488

Rep: Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956
If I remember well, Proftpd jails users in chroot environment by default. But it should not be so painful in Vsftpd. I think you have not to compile from source, just edit the configuration file. There must be some examples in the documentation.
 
Old 08-09-2008, 05:11 AM   #3
billymayday
Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
vsftp has chrooting as a config option. Not sure if it's default behavior, but doesn't really matter if it's in there
 
Old 08-09-2008, 05:22 AM   #4
uncle-c
Member
 
Registered: Oct 2006
Location: The Ether
Distribution: Fedora 14, Ubuntu , Slax 5.1.8, OpenSolaris, Centos 4.8
Posts: 296

Original Poster
Rep: Reputation: 30
Great stuff ! Thanks a lot for the help gents. Will give Vsftpd a go.

Thanks again !

uc.
 
Old 08-09-2008, 07:11 AM   #5
sir-lancealot
Member
 
Registered: Aug 2007
Posts: 336

Rep: Reputation: 31
uc, yes vsftp works great as that is what I am using. You can actually jail (chroot) everyone or a list, see this section in etc/vsftp/vsftp.conf

chroot_local_user=NO
# users to NOT chroot().
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd.chroot_list

so you can stick the users you want to root in that file and only chroot them.

Lr
 
Old 08-09-2008, 07:44 AM   #6
uncle-c
Member
 
Registered: Oct 2006
Location: The Ether
Distribution: Fedora 14, Ubuntu , Slax 5.1.8, OpenSolaris, Centos 4.8
Posts: 296

Original Poster
Rep: Reputation: 30
Thanks sir-L ! So could I add user "anonymous" to the /etc/vsftpd.chroot_list file as well or should I alter the specific line in the vsftp.conf file which will allow for chrooted "anonymous" login ? Basically I would like anonymous and user logins but both in the "chrooted" environment.

Thanks

uc
 
Old 08-09-2008, 10:41 AM   #7
john test
Member
 
Registered: Jul 2008
Distribution: ubuntu 9.10
Posts: 527
Blog Entries: 1

Rep: Reputation: 35
"proftp" works and so does "fakeroot"
proftp installed with the xampp package and provides a Fake Root for FTP and the Apache Webserver. Since the Proftp install does the job, I have never had to use the "fakeroot" command. I just happened to notice it when I did apropos *
Good Luck with your project
 
Old 08-09-2008, 08:04 PM   #8
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 59
Quote:
Originally Posted by uncle-c View Post
...So could I add user "anonymous" to the /etc/vsftpd.chroot_list file as well or should I alter the specific line in the vsftp.conf file which will allow for chrooted "anonymous" login ? Basically I would like anonymous and user logins but both in the "chrooted" environment.
No, the chroot list is for "local" users only. This includes virtual users that are mapped to a virtual account local user. Anonymous users are chrooted into the directory listed for the ftp user in /etc/passwd.
 
  


Reply

Tags
chroot, ftp, ftpd, server, software


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
which ftp server for virtual domains or multiple chroots Ratclaws Linux - Software 0 11-30-2005 01:22 PM
C -communicating with system("ftp"); using "program|ftp>>myfifo" probably hansschmucker Programming 1 03-23-2005 01:39 PM
"adduser" not adding users to default group "users" PunkPT Slackware 2 09-23-2004 11:50 AM
'Last' command showing "Crash" for ftp users wizade Linux - Software 2 10-27-2003 12:48 PM


All times are GMT -5. The time now is 03:50 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration