gplana
asked on
How to create a pro-FTPd user on linux ?
Dear Experts:
I would like to create a user which can upload and download files and directories by FTP, but without having access to all my server directories: just its home directory (and all its subdirectories). Also, I don't want to give him access to console (I mean, accessing using telnet or putty on ssh).
My server is a dedicated server, which I installed xampp (from apache-friends) over suse-linux enterprise 10 server. The FTP server is pro-FTPd, which is included whan installing xampp.
It's possible to create this restricted user ?
Many thanks.
I would like to create a user which can upload and download files and directories by FTP, but without having access to all my server directories: just its home directory (and all its subdirectories). Also, I don't want to give him access to console (I mean, accessing using telnet or putty on ssh).
My server is a dedicated server, which I installed xampp (from apache-friends) over suse-linux enterprise 10 server. The FTP server is pro-FTPd, which is included whan installing xampp.
It's possible to create this restricted user ?
Many thanks.
ASKER
Thank you for your answer.
I understand that this prevents user to login by telnet or SSH. My doubt now is if the crypted password is the same as it appears on the shadow file ?
Also, what I need now is "just" to restrict this FTP user to allow access only to its own home directory. Is this possible ?
I understand that this prevents user to login by telnet or SSH. My doubt now is if the crypted password is the same as it appears on the shadow file ?
Also, what I need now is "just" to restrict this FTP user to allow access only to its own home directory. Is this possible ?
> My doubt now is if the crypted password is the same as it appears on the shadow file ?
No, it's weak des based has (shadows has md5 or blowfish or sha-*)
> Also, what I need now is "just" to restrict this FTP user to allow access only to its own home directory. Is this possible ?
DefaultRoot ~
# http://www.proftpd.org/docs/directives/linked/config_ref_DefaultRoot.html
No, it's weak des based has (shadows has md5 or blowfish or sha-*)
> Also, what I need now is "just" to restrict this FTP user to allow access only to its own home directory. Is this possible ?
DefaultRoot ~
# http://www.proftpd.org/docs/directives/linked/config_ref_DefaultRoot.html
ASKER
Thank you for your answer. Now I understand a little more.
However, I haven't been able to login with my new created user. I attach my proftpd.conf file in order you can show me if I'm doing something wrong.
User tsavellana already exists on my passwd and shadow files, however, I put an * at the password field on shadow file in order this user cannot login by using putty.
Thank you for all. Best Regards.
However, I haven't been able to login with my new created user. I attach my proftpd.conf file in order you can show me if I'm doing something wrong.
User tsavellana already exists on my passwd and shadow files, however, I put an * at the password field on shadow file in order this user cannot login by using putty.
Thank you for all. Best Regards.
ASKER
Here is the attached file. I changed its ".conf" extension to ".txt" in order this site doesn't allow ".conf" files.
proftpd.txt
proftpd.txt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sorry, but it seems DefaultRoot clause doesn't restrict anything.
Maybe my executing ftp server process is a standard FTP installed automatically when I installed linux (SUSE enterprise 10) and proftpd is not executing properly ?
I say that because I tried to make some changes on proftpd.conf file and it seems they doesn't take effect.
Thank you.
Maybe my executing ftp server process is a standard FTP installed automatically when I installed linux (SUSE enterprise 10) and proftpd is not executing properly ?
I say that because I tried to make some changes on proftpd.conf file and it seems they doesn't take effect.
Thank you.
> Sorry, but it seems DefaultRoot clause doesn't restrict anything.
Right - it has no meaning in <Anonymous > clause. <Anonymous /here> already restricts You to /here - no point in DefaultRoot here.
> I say that because I tried to make some changes on proftpd.conf file and it seems they doesn't take effect.
You have restarted proftpd and it was success?
Right - it has no meaning in <Anonymous > clause. <Anonymous /here> already restricts You to /here - no point in DefaultRoot here.
> I say that because I tried to make some changes on proftpd.conf file and it seems they doesn't take effect.
You have restarted proftpd and it was success?
ASKER
Yes, I restarted it with appearly no errors. However, when restarting it says "no process running" as if it wasn't abel to kill the previous process.
I installed xampp from apache friends over a standard suse linux, and now I think there was another FTP server installed before, which I suppose can be in conflict with xampp's proftpd component.
I understand that this is another question, so do you want I open another question with its own points ?
Thank you.
I installed xampp from apache friends over a standard suse linux, and now I think there was another FTP server installed before, which I suppose can be in conflict with xampp's proftpd component.
I understand that this is another question, so do you want I open another question with its own points ?
Thank you.
Then to the proftpd.conf You may add
UserPassword theUsername theCryptedPassword
where the theCryptedPassword is output from
# perl -e 'print crypt("plainPassHere", rand(100))'