I'm using vsftpd as FTP server, and I'd like to chroot my FTP users to their home dir. How can I do it? i.e. "jailing" them in their home dir... at the moment I have the following issues the user when they login to ftp server they go to the main directory /var/ftp/
Here is what I did, full discussion at this link http://www.bobhoffman.com/forums/viewtopic.php?f=4&t=11
Here is my file. Each user is locked into his folder listed in the etc/pssword file.
ftpd_banner=Welcome to my webserver! listen=YES pam_service_name=vsftpd anonymous_enable=NO local_enable=YES session_support=NO write_enable=YES chroot_local_user=YES
#supposed default settings added for security and other redhat settings userlist_deny=YES userlist_enable=YES #userlist file is default to /etc/vsftpd.userlist local_umask=022
Bob Hoffman wrote:
I'm using vsftpd as FTP server, and I'd like to chroot my FTP users to their home dir. How can I do it? i.e. "jailing" them in their home dir... at the moment I have the following issues the user when they login to ftp server they go to the main directory /var/ftp/
Here is what I did, full discussion at this link http://www.bobhoffman.com/forums/viewtopic.php?f=4&t=11
Here is my file. Each user is locked into his folder listed in the etc/pssword file.
ftpd_banner=Welcome to my webserver! listen=YES pam_service_name=vsftpd anonymous_enable=NO local_enable=YES session_support=NO write_enable=YES chroot_local_user=YES
#supposed default settings added for security and other redhat settings userlist_deny=YES userlist_enable=YES #userlist file is default to /etc/vsftpd.userlist local_umask=022
and here is mine
anonymous_enable=NO local_enable=YES chroot_local_user=YES pasv_max_port=8000 pasv_min_port=7000 use_localtime=YES deny_file={.*,.ssh,.*profile*} hide_file={.*,.ssh,.*profile*} check_shell=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_std_format=YES listen=YES ftpd_banner=Our FTPd Server pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES syslog_enable=YES chmod_enable=NO secure_chroot_dir=/usr/share/empty