LinuxQuestions.org


g_srinivas 02-18-2006 02:30 PM

how to achieve this in VSFTPD?
 
Hello,
I am using Debian v3.1 (Sarge) Linux and I recently installed vsftp using:
Code:

# apt-get install vsftpd

The version of vsftpd running on my Linux box is 2.0.3-1. My present vsftp.conf looks like the following:
Code:

# Standalone mode
listen=YES

# Access Rights
anonymous_enable=no
anon_upload_enable=no
local_enable=YES
write_enable=YES
dirmessage_enable=YES

# Security
connect_from_port_20=YES
chroot_local_user=no
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/vsftpd.pem

# Features
ftpd_banner=Welcome

# Logging
xferlog_enable=YES
xferlog_file=/var/log/vsftpd.log

With the above settings I am able to log in using any of my Linux users' IDs for whom the home directory is located under /home/<UID>, but for the root account it doesn't work and I always get the following error message.

Code:

Status:        Connecting to 192.168.0.2 ...
Status:        Connected with 192.168.0.2. Waiting for welcome message...
Response:        220 Welcome
Command:        USER root
Response:        331 Please specify the password.
Command:        PASS ******
Response:        530 Login incorrect.
Error:                Unable to connect!

On this Linux box I also have an Apache webserver running and I want to use a particular user account which gives read/write access to /var/www/*. This folder has got all my webpages and I want it shared so that I could remotely code the scripts. Besides this, I also want to have a user account with which I can browse the complete directory structure in Linux, so if required I can upload/download some files. So, is it possible to configure vsftpd in such a way that it behaves according to the user logging in? If yes, then how can I achieve this?

Thanks in advance.

Emerson 02-18-2006 06:09 PM

Hello there.
Looks like you somehow managed to miss some basics. The Internet is a place where the strongest meet the weakest - no mercy. This means some strict rules must be followed in order to survive and not to be the weakest.
ftp is file transfer protocol and nothing but that, completely insecure,
root account is a technical account and not suitable for using computer nor making remote connections,
ssh is secure shell, can be used for remote administration.
If you need root access in a remote computer you have to use ssh to log on and su to gain superuser rights.
In your situation you should use root account only to set up the Apache, anything else related to the web site you host has to be done via user account.
These guidelines are good even if both boxes are on LAN and behind firewall.
Think what could happen if you had unlimited access using a plaintext ftp connection. Extracting your credentials is a piece of cake and in the very next moment somebody might upload a rootkit and execute it ...
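
An added example, not part of the original thread or of vsftpd itself: a small Python check that reads a vsftpd.conf and flags the conditions raised in the reply above (local logins and data sent without TLS, a certificate configured but unused, write access without a chroot). The finding names and the HARDENED variant are constructed for illustration; the option names and defaults are vsftpd's, and chroot_list_enable exceptions are not evaluated.

```python
# Added example (not from the thread). DEFAULTS holds vsftpd's documented defaults.
DEFAULTS = {"anonymous_enable": True, "local_enable": False, "write_enable": False,
            "chroot_local_user": False, "ssl_enable": False,
            "force_local_logins_ssl": True, "force_local_data_ssl": True}
TRUE, FALSE = {"YES", "TRUE", "1"}, {"NO", "FALSE", "0"}

# The settings posted in the thread (comments and blank lines dropped).
POSTED = """listen=YES
anonymous_enable=no
anon_upload_enable=no
local_enable=YES
write_enable=YES
dirmessage_enable=YES
connect_from_port_20=YES
chroot_local_user=no
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/vsftpd.pem
"""
# Constructed variant: same file with TLS switched on and local users chrooted.
HARDENED = POSTED.replace("chroot_local_user=no", "chroot_local_user=YES") + "ssl_enable=YES\n"

def parse_conf(text):
    """Return {option: value}. Booleans become bool; vsftpd matches them case-insensitively."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)  # vsftpd allows no spaces around '='
        conf[key] = True if value.upper() in TRUE else False if value.upper() in FALSE else value
    return conf

def audit(text):
    """Return finding names for the effective settings (file values over defaults)."""
    c = {**DEFAULTS, **parse_conf(text)}
    tls = c["ssl_enable"]
    checks = [
        ("plaintext-logins", c["local_enable"] and not (tls and c["force_local_logins_ssl"])),
        ("plaintext-data", c["local_enable"] and not (tls and c["force_local_data_ssl"])),
        ("cert-without-ssl", "rsa_cert_file" in c and not tls),
        ("write-without-chroot", c["local_enable"] and c["write_enable"] and not c["chroot_local_user"]),
        ("anonymous-enabled", c["anonymous_enable"]),
    ]
    return [name for name, hit in checks if hit]

if __name__ == "__main__":
    for label, text in (("posted", POSTED), ("hardened", HARDENED)):
        print(label, audit(text))
```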


All times are GMT -5.