Vsftpd Config ? Is this possible?
I've got vsftpd running fine on my debian box and allowing connections to local users. However I also want to allow connections to specific non local usernames and chroot jail them in a specific directory and give them write/modify permissions to a single sub directory.
In short I'd like the config to be like this.. Local users: Login as normal, put in their home directory Non local user: if they match an allowed username / pw I'd like them to be put in and chrooted to /ftp with only read/execute permissions on subdirectories except /ftp/uploads which they would have rwx permissions to. Anon users - denied immediately. I've read the man pages for the vsftpd.conf and played with the userlist_enable/deny/file options but that seems to only control local users. Basically I want to be able to have people/clients who don't have a account on my linux box to be able to ftp into a specific directory and browse all sub directories and dl any content there. I also want them to be able to upload to 1 specific directory only. Did I miss something in the man pages? Is this even possible with vsftpd? |
Hi.
I believe it's possible to do something like this with PAM, but I'm no expert in that field. Why not just create local users for these accounts? Make their home directory /ftp and make their login shell /sbin/nologin You can then just use normal filesystem permissions to give access to their own subdirectory. Dave |
Quote:
|
it is indeed - you can get some insight reading the vsftpd.conf.5 file as it has a lot more options than the standard vsftpd.conf file. i think these two lines will jail users to their home directories.
Code:
passwd_chroot_enable=YES |
Quote:
|
I am sorry, I did misunderstand. I agree with you, I havn't found a way to do that yet. What I ended up doing was what I wrote in my post, and that works for my purpose as well as anything. My friends can access my server because I have given them the generic user and password. I believe the only other option is to make an anonymous login which has no user or password.
|
All times are GMT -5. The time now is 05:54 AM. |