FTP users are jailed to home dir
have an issue with proftpd on my pclinuxos server.
I can login via ftp fine but im locked to my home directory. i looked at my proftpd.conf file but didn't see anything related to that.. anyone know how this is setup? Code:
cat proftpd.conf |
Quote:
? |
The DefaultRoot option puts the logged in user in a chroot environment. That means that they are restricted in their access in the filesystem as if root started in that directory. In this case
DefaultRoot /home/user user means that for any user with name "user" (its a wildcard basically) they are stuck in /home/user. If you are uploading web pages you could do something like DefaultRoot /var/www/html user Which would make everybody locked in the web directory, assuming they have access to the directory. Just be careful, ftp is very insecure (sends passwords in plain text). Allowing general access to the machine makes it very exploitable. I would suggest using SFTP and closing off the ftp service entirely. If you are running sshd anyway, you get SFTP for free and the client GUIs are similar in function. Also, they don't usually set up chroot jails by default since the protocol itself is fairly secure. Just some unasked for advice :) |
thanks for the replies! stupid me how did i miss that lol.... i did "DefaultRoot / user" and that seems to work.
I hope it's not too risky doing this but i wanted to be able to ftp some files to directories outside my home path. thanks again |
Quote:
But in your case, you can keep your chroot: Links won't work because they still point out of the root. But mount has an option to mount a directory tree to another directory tree. mount /datafiles /home/user/datafiles -o rbind With this, a user chrooted to /home/user will be able to access /datafiles Using scp/sftp is also a good idea like, it's encrypted and the network protocol is simpler. If you use it in conjunction with scponly, you can make your box a secure transfer server. |
All times are GMT -5. The time now is 05:35 AM. |