?
Solved

How to create a pro-FTPd user on linux ?

Posted on 2008-10-24
9
Medium Priority
?
371 Views
Last Modified: 2013-12-16
Dear Experts:

I would like to create a user which can upload and download files and directories by FTP, but without having access to all my server directories: just its home directory (and all its subdirectories). Also, I don't want to give him access to console (I mean, accessing using telnet or putty on ssh).
 
My server is a dedicated server, which I installed xampp (from apache-friends) over suse-linux enterprise 10 server. The FTP server is pro-FTPd, which is included whan installing xampp.

It's possible to create this restricted user ?

Many thanks.
0
Comment
Question by:gplana
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 43

Expert Comment

by:ravenpl
ID: 22802680
Sure, first create system use without password (password should be mangled like '*' or '!!' - meaning one cannot login).

Then to the proftpd.conf You may add

UserPassword theUsername theCryptedPassword

where the theCryptedPassword is output from
# perl -e 'print crypt("plainPassHere", rand(100))'
0
 
LVL 15

Author Comment

by:gplana
ID: 22804105
Thank you for your answer.

I understand that this prevents user to login by telnet or SSH. My doubt now is if the crypted password is the same as it appears on the shadow file ?

Also, what I need now is "just" to restrict this FTP user to allow access only to its own home directory. Is this possible ?
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 22804540
> My doubt now is if the crypted password is the same as it appears on the shadow file ?
No, it's weak des based has (shadows has md5 or blowfish or sha-*)

> Also, what I need now is "just" to restrict this FTP user to allow access only to its own home directory. Is this possible ?
DefaultRoot ~
# http://www.proftpd.org/docs/directives/linked/config_ref_DefaultRoot.html
0
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

 
LVL 15

Author Comment

by:gplana
ID: 22804875
Thank you for your answer. Now I understand a little more.

However, I haven't been able to login with my new created user. I attach my proftpd.conf file in order you can show me if I'm doing something wrong.

User tsavellana already exists on my passwd and shadow files, however, I put an * at the password field on shadow file in order this user cannot login by using putty.

Thank you for all. Best Regards.
0
 
LVL 15

Author Comment

by:gplana
ID: 22804888
Here is the attached file. I changed its ".conf" extension to ".txt" in order this site doesn't allow ".conf" files.
proftpd.txt
0
 
LVL 43

Accepted Solution

by:
ravenpl earned 1500 total points
ID: 22815816
UserAlias tsavellana ftp
says to proftpd that if someone uses "tsavellana" as username then authenticate against "ftp" user. So in Your case You want
UserPassword ftp 58Ydm7H5BbRmMT
0
 
LVL 15

Author Comment

by:gplana
ID: 22817401
Sorry, but it seems DefaultRoot clause doesn't restrict anything.

Maybe my executing ftp server process is a standard FTP installed automatically when I installed linux (SUSE enterprise 10) and proftpd is not executing properly ?

I say that because I tried to make some changes on proftpd.conf file and it seems they doesn't take effect.

Thank you.
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 22819572
> Sorry, but it seems DefaultRoot clause doesn't restrict anything.
Right - it has no meaning in <Anonymous > clause. <Anonymous /here> already restricts You to /here - no point in DefaultRoot here.

> I say that because I tried to make some changes on proftpd.conf file and it seems they doesn't take effect.
You have restarted proftpd and it was success?
0
 
LVL 15

Author Comment

by:gplana
ID: 22820390
Yes, I restarted it with appearly no errors. However, when restarting it says "no process running" as if it wasn't abel to kill the previous process.

I installed xampp from apache friends over a standard suse linux, and now I think there was another FTP server installed before, which I suppose can be in conflict with xampp's proftpd component.

I understand that this is another question, so do you want I open another question with its own points ?

Thank you.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Fine Tune your automatic Updates for Ubuntu / Debian
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses
Course of the Month14 days, 13 hours left to enroll

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question