vsFTPD




  • Create user with useradd [user_name].
  • Create user's password with passwd [user_name]. (You'll be prompted to specify the password).
  • Create FTP directory in /var/ftp and then bind to the 'home' directory you wish to specify for this user with mount --bind /var/www/vhosts/domain.com/ /var/ftp/custom_name/.
  • Change user's home directory with usermod -d /var/ftp/custom_name/ user_name
    In /etc/vsftpd/vsftpd.conf, ensure all all of the following are set:-
    • chroot_local_user=YES
    • chroot_list_enable=YES
    • chroot_list_file=/etc/vsftpd.chroot_list
Only list users in the vsftpd.chroot_list file if you want them to have full access to anywhere on the server. By not listing them in this file, you're saying restrict all vsftpd users to their specified home directory.
In other words (for reference):-
  1. means that by default, ALL users get chrooted except users in the file...
    • chroot_local_user=YES
    • chroot_list_enable=YES
  2. means that by default, ONLY users in the file get chrooted...
    • chroot_local_user=NO
    • chroot_list_enable=YES 


    Method 1: Changing the user's home directory

    Make sure the following line exists
    chroot_local_user=YES
    Set user HOME Directory to /var/www/ , if you want to change for existing user then you can use:
    usermod --home /var/www/ username
    then set required permission on /var/www/

    Method 2: Use user_sub_token

    If you don't want to change user's Home directory then you can use:
    chroot_local_user=YES
local_root=/ftphome/$USER
user_sub_token=$USER

    About user_sub_token:

    Automatically generate a home directory for each virtual user, based on a template. For example, if the home directory of the real user specified via guest_username is /ftphome/$USER, and user_sub_token is set to $USER, then when virtual user test logs in, he will end up (usually chroot()'ed) in the directory /ftphome/test. This option also takes affect if local_root contains user_sub_token.
    Create directory and set up permissions:
    mkdir -p /ftphome/{test,user1,user2}
chmod 770 -R /ftphome
chown -R ftp. /ftphome
usermod -G ftp test
    Once restart vsftpd and test your setup.
    Sample success output:
    [root@mail tmp]# ftp localhost
Connected to mail.linuxian.local.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): test
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> mput vhosts
mput vhosts? 
227 Entering Passive Mode (127,0,0,1,146,41)
150 Ok to send data.
226 File receive OK.
24 bytes sent in 3.3e-05 seconds (7.1e+02 Kbytes/s)
ftp> ls -rlt
227 Entering Passive Mode (127,0,0,1,97,90)
150 Here comes the directory listing.
-rw-r--r--    1 787      787            24 Oct 11 19:57 vhosts
226 Directory send OK.
ftp> 221 Goodbye.

Komentar

  1. iliejaber4 Maret 2022 pukul 13.07

    Lucky 8 Casino - Mapyro
    Directions to Lucky 8 Casino (Lucky 8) 대전광역 출장샵 with Mapyro. The following transit 안양 출장안마 lines have routes that pass near Lucky 8 Casino Distance to 당진 출장샵 airport: 8.2 kmNearest airport: Las Vegas McCarranDistance to city 청주 출장안마 centre: 3.3 km Rating: 4 · ‎9 광주 출장샵 votes

    BalasHapus

Posting Komentar