FTP – vsftpd – Allow access for certain users only from certain IP ranges

Tags: centos6, ftp, vsftpd

I am using CentOS 6 (64-bit) and have VSFTPD installed.

I have two different users for vsftpd: privateuser and publicuser.

I need to configure it so that only privateuser can log in to the FTP server from the local IP range (192.168.2/24) and publicuser can log in from both the local range and another public range (for example, 192.168.2/24 and 180.150/16).

Is there any solution for this?

Best Answer

You can't do this directly with vsftpd. You may get some mileage with pam_access, e.g.:

Edit /etc/pam.d/vsftpd and add the line

account    required    pam_access.so

to the beginning of the file, then edit /etc/security/access.conf and add the lines

- : privateuser : ALL EXCEPT 192.168.2.0/24
- : publicuser : ALL EXCEPT 192.168.2.0/24 180.150.0.0/16

which I think does what you want.

You may find it easier to switch to something like proftpd, which has a richer set of access controls.
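To check what the two access.conf rules in the answer permit before deploying them, the following added example (not part of the original answer, and not pam_access's own code) models a simplified subset of pam_access matching: literal user names, `ALL`, CIDR origins, one `EXCEPT` per field, first matching rule wins, and access granted when no rule matches. The function names and the sample client addresses are constructed for illustration.

```python
import ipaddress

# The two rules from the answer's /etc/security/access.conf
ACCESS_CONF = """\
- : privateuser : ALL EXCEPT 192.168.2.0/24
- : publicuser : ALL EXCEPT 192.168.2.0/24 180.150.0.0/16
"""

def parse_rules(text):
    """Return a list of (permission, user tokens, origin tokens)."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blanks
        if not line:
            continue
        perm, users, origins = (f.strip() for f in line.split(":", 2))
        rules.append((perm, users.split(), origins.split()))
    return rules

def _match(tokens, test):
    """Match a token list, honouring 'EXCEPT' (simplified model)."""
    if "EXCEPT" in tokens:
        i = tokens.index("EXCEPT")
        return _match(tokens[:i], test) and not _match(tokens[i + 1:], test)
    return any(tok == "ALL" or test(tok) for tok in tokens)

def _origin_test(ip):
    addr = ipaddress.ip_address(ip)
    def test(tok):
        try:
            return addr in ipaddress.ip_network(tok, strict=False)
        except ValueError:
            return False  # hostnames, ttys, netgroups are not modelled
    return test

def is_allowed(rules, user, ip):
    """First matching rule decides; no matching rule means access granted."""
    for perm, users, origins in rules:
        if _match(users, lambda t: t == user) and _match(origins, _origin_test(ip)):
            return perm == "+"
    return True

if __name__ == "__main__":
    rules = parse_rules(ACCESS_CONF)
    # Constructed sample logins: (user, client address)
    for user, ip in [("privateuser", "192.168.2.10"), ("privateuser", "180.150.1.1"),
                     ("publicuser", "180.150.1.1"), ("publicuser", "203.0.113.5"),
                     ("otheruser", "203.0.113.5")]:
        print(f"{user:12} {ip:15} {'allow' if is_allowed(rules, user, ip) else 'deny'}")
```

The last sample row shows that accounts not named in either rule are unaffected by them; a final `- : ALL : ALL` line in access.conf is the usual way to deny everything not explicitly handled.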