Linux – Create new vsftpd user and lock to (specify) home / login directory

Tags: centos, ftp, linux, vsftpd

I need to periodically give temporary and limited access to various directories on a CentOS linux server that has vsftp installed.

I've created a user using useradd [user_name] and given them a password using passwd [password].

I've created a directory in /var/ftp and then I bind this to the directory that I wish to limit access to.

What else do I need to specifically do to ensure that when this user logs into FTP, they only have access to this directory please?

Best Answer

Complete answer that solved my question for any others that are after a step by step walkthrough...

Install vsftpd using this as a guide.

  • Create user with useradd [user_name].
  • Create user's password with passwd [user_name]. (You'll be prompted to specify the password).
  • Create FTP directory in /var/ftp and then bind to the 'home' directory you wish to specify for this user with mount --bind /var/www/vhosts/domain.com/ /var/ftp/custom_name/.
  • Change user's home directory with usermod -d /var/ftp/custom_name/ user_name

    In /etc/vsftpd/vsftpd.conf, ensure all of the following are set:-

    • chroot_local_user=YES
    • chroot_list_enable=YES
    • chroot_list_file=/etc/vsftpd.chroot_list

Only list users in the vsftpd.chroot_list file if you want them to have full access to anywhere on the server. By not listing them in this file, you're saying restrict all vsftpd users to their specified home directory.

In other words (for reference):-

  1. means that by default, ALL users get chrooted except users in the file...
    • chroot_local_user=YES
    • chroot_list_enable=YES
  2. means that by default, ONLY users in the file get chrooted...
    • chroot_local_user=NO
    • chroot_list_enable=YES
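
As an added example (not part of the original answer), this shell function reads the three chroot options from a vsftpd.conf and reports whether a given user ends up locked to their home directory. The function names and sample accounts are invented for illustration; it assumes the last assignment of an option wins, values are written as literal YES/NO as in the answer, and vsftpd's documented defaults apply (NO, NO, /etc/vsftpd.chroot_list).

```shell
#!/bin/sh
# Added example: report whether vsftpd would chroot a given local user.

# Print the last value assigned to option $2 in config file $1, or default $3.
conf_get() {
    val=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '[:space:]')
    printf '%s\n' "${val:-$3}"
}

# Usage: chroot_status CONF USER  -> prints "chrooted" or "unrestricted"
chroot_status() {
    conf=$1 user=$2
    local_user=$(conf_get "$conf" chroot_local_user NO)
    list_enable=$(conf_get "$conf" chroot_list_enable NO)
    list_file=$(conf_get "$conf" chroot_list_file /etc/vsftpd.chroot_list)

    # The list only matters when chroot_list_enable=YES. An unreadable
    # list is treated as empty here (an assumption of this example).
    listed=no
    if [ "$list_enable" = YES ] && [ -r "$list_file" ] &&
       grep -qxF -- "$user" "$list_file"; then
        listed=yes
    fi

    if [ "$local_user" = YES ]; then
        # Case 1: everyone is chrooted, the list holds the exceptions.
        [ "$listed" = yes ] && echo unrestricted || echo chrooted
    else
        # Case 2: nobody is chrooted, the list holds the users who are.
        [ "$listed" = yes ] && echo chrooted || echo unrestricted
    fi
}

# Constructed sample: the answer's settings plus one exempted account.
tmp=$(mktemp -d)
printf '%s\n' 'chroot_local_user=YES' 'chroot_list_enable=YES' \
    "chroot_list_file=$tmp/chroot_list" > "$tmp/vsftpd.conf"
echo 'admin_user' > "$tmp/chroot_list"
for u in temp_user admin_user; do
    echo "$u: $(chroot_status "$tmp/vsftpd.conf" "$u")"
done
rm -rf "$tmp"
```

Running it against the real /etc/vsftpd/vsftpd.conf before handing out a temporary account shows whether that account has been left in the exceptions list by mistake.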