vsftp-local users jailed, but.......
Hello all!
I found threads close to my answer but not quite on the mark.
I have Vsftpd-1.2.1 on Linux 7.3. I am setting up an FTP server so clients cn upload files. It is not an anonymous server, users cannot download: only upload. I have added the following to my vsftpd.conf file:
anonymous_enable=NO
ascii_upload_enable=YES
local_enable=YES
write_enable=YES
local_umask=077
anon_upload_enable=NO
anon_mkdir_write_enable=NO
dirmessage_enable=YES
download_enable=NO
xferlog_enable=YES
xferlog_std_format=YES
idle_session_timeout=600
data_connection_timeout=120
listen=NO
chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
dirmessage_enable=YES
hide_ids=YES
#banner_file=YES
I have created local user accounts (test accounts) to make sure the users are in a 'jail' so they can only see the contents of thier own home directory and that works fine.
However, if the same user logs on to the system at the console, they can roam freely about the server. For security purposes, I need these users to have access ONLY to thier home directories. This server will be out on a DMZ.
Also I have the vsftpd.chroot_list file in place but I am not sure of the formatting for this file.
So, Is there a way to keep these users locked up regardless of how they logon without using Virtual users?
Any help would be appreciated!
Thanks
M
|