On Mon, Mar 14, 2011 at 1:27 PM, Huib Laurens sterkebak@gmail.com wrote:
Hello,
I have setup a centos server running 5.5 and I have a problem with the FTP settings.
Currently I have two FTP accounts based on that server, they lead to:
/home/bella /home/carmen
Currently the FPT accounts starts in the home directory when they are logged in. But they are able to see all directories on the server. What can I do to make sure they cant come out of there home directory?
-- Regards, Huib "Abigor" Laurens
First things first. *DO NOT* use FTP. It's a blatantly insecure protocl and passes passwords, and data, in the clear.
Second, if you *MUST* use FTP, do not use it with normal usernames and passwords.
Third, if you *MUST* use FTP, use FTPS which SSL tunnels the connections.
Fourth, read the manual page on the "vsftpd" server. In particulare, review this:
chroot_list_enable If activated, you may provide a list of local users who are placed in a chroot() jail in their home directory upon login. The meaning is slightly different if chroot_local_user is set to YES. In this case, the list becomes a list of users which are NOT to be placed in a chroot() jail. By default, the file containing this list is /etc/vsftpd.chroot_list, but you may override this with the chroot_list_file setting. Default: NO