Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
08-09-2008, 04:34 AM
|
#1
|
|
Member
Registered: Oct 2006
Location: The Ether
Distribution: Fedora 14, Ubuntu , Slax 5.1.8, OpenSolaris, Centos 4.8
Posts: 296
Rep: 
|
Which ftp server software "chroots" users by default.
Hi
I'm looking to install an ftp server on a machine, one which combines the best security practices along with ease and speed of configuration. Ideally I am looking for software which locks users ( anonymous or users with accounts ) into their home accounts like a "chroot jail" by default and hence does not let them traverse across the file system. However, I do not want to have to compile the software from source with special "chroot" options / parameters as that is not one of my strong points !
Any advice on which software would be best suited for my purposes ?
Thanks for the help.
Regards,
UC
|
|
|
|
|
08-09-2008, 05:00 AM
|
#2
|
|
Moderator
Registered: Sep 2003
Location: Bologna
Distribution: CentOS 6.4 OpenSuSE 12.2
Posts: 9,899
|
If I remember well, Proftpd jails users in chroot environment by default. But it should not be so painful in Vsftpd. I think you have not to compile from source, just edit the configuration file. There must be some examples in the documentation.
|
|
|
|
|
08-09-2008, 05:11 AM
|
#3
|
|
Guru
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678
Rep:
|
vsftp has chrooting as a config option. Not sure if it's default behavior, but doesn't really matter if it's in there
|
|
|
|
|
08-09-2008, 05:22 AM
|
#4
|
|
Member
Registered: Oct 2006
Location: The Ether
Distribution: Fedora 14, Ubuntu , Slax 5.1.8, OpenSolaris, Centos 4.8
Posts: 296
Original Poster
Rep:
|
Great stuff ! Thanks a lot for the help gents. Will give Vsftpd a go.
Thanks again !
uc.
|
|
|
|
|
08-09-2008, 07:11 AM
|
#5
|
|
Member
Registered: Aug 2007
Posts: 324
Rep:
|
uc, yes vsftp works great as that is what I am using. You can actually jail (chroot) everyone or a list, see this section in etc/vsftp/vsftp.conf
chroot_local_user=NO
# users to NOT chroot().
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd.chroot_list
so you can stick the users you want to root in that file and only chroot them.
Lr
|
|
|
|
|
08-09-2008, 07:44 AM
|
#6
|
|
Member
Registered: Oct 2006
Location: The Ether
Distribution: Fedora 14, Ubuntu , Slax 5.1.8, OpenSolaris, Centos 4.8
Posts: 296
Original Poster
Rep:
|
Thanks sir-L ! So could I add user "anonymous" to the /etc/vsftpd.chroot_list file as well or should I alter the specific line in the vsftp.conf file which will allow for chrooted "anonymous" login ? Basically I would like anonymous and user logins but both in the "chrooted" environment.
Thanks
uc
|
|
|
|
|
08-09-2008, 10:41 AM
|
#7
|
|
Member
Registered: Jul 2008
Distribution: ubuntu 9.10
Posts: 527
Rep:
|
"proftp" works and so does "fakeroot"
proftp installed with the xampp package and provides a Fake Root for FTP and the Apache Webserver. Since the Proftp install does the job, I have never had to use the "fakeroot" command. I just happened to notice it when I did apropos *
Good Luck with your project
|
|
|
|
|
08-09-2008, 08:04 PM
|
#8
|
|
Senior Member
Registered: Jun 2008
Posts: 2,529
Rep:
|
Quote:
Originally Posted by uncle-c
...So could I add user "anonymous" to the /etc/vsftpd.chroot_list file as well or should I alter the specific line in the vsftp.conf file which will allow for chrooted "anonymous" login ? Basically I would like anonymous and user logins but both in the "chrooted" environment.
|
No, the chroot list is for "local" users only. This includes virtual users that are mapped to a virtual account local user. Anonymous users are chrooted into the directory listed for the ftp user in /etc/passwd. |
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 10:14 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
