How to create a pro-FTPd user on linux ?

Dear Experts:

I would like to create a user which can upload and download files and directories by FTP, but without having access to all my server directories: just its home directory (and all its subdirectories). Also, I don't want to give him access to console (I mean, accessing using telnet or putty on ssh).
 
My server is a dedicated server, which I installed xampp (from apache-friends) over suse-linux enterprise 10 server. The FTP server is pro-FTPd, which is included whan installing xampp.

It's possible to create this restricted user ?

Many thanks.
LVL 15
gplanaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ravenplCommented:
Sure, first create system use without password (password should be mangled like '*' or '!!' - meaning one cannot login).

Then to the proftpd.conf You may add

UserPassword theUsername theCryptedPassword

where the theCryptedPassword is output from
# perl -e 'print crypt("plainPassHere", rand(100))'
0
gplanaAuthor Commented:
Thank you for your answer.

I understand that this prevents user to login by telnet or SSH. My doubt now is if the crypted password is the same as it appears on the shadow file ?

Also, what I need now is "just" to restrict this FTP user to allow access only to its own home directory. Is this possible ?
0
ravenplCommented:
> My doubt now is if the crypted password is the same as it appears on the shadow file ?
No, it's weak des based has (shadows has md5 or blowfish or sha-*)

> Also, what I need now is "just" to restrict this FTP user to allow access only to its own home directory. Is this possible ?
DefaultRoot ~
# http://www.proftpd.org/docs/directives/linked/config_ref_DefaultRoot.html
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

gplanaAuthor Commented:
Thank you for your answer. Now I understand a little more.

However, I haven't been able to login with my new created user. I attach my proftpd.conf file in order you can show me if I'm doing something wrong.

User tsavellana already exists on my passwd and shadow files, however, I put an * at the password field on shadow file in order this user cannot login by using putty.

Thank you for all. Best Regards.
0
gplanaAuthor Commented:
Here is the attached file. I changed its ".conf" extension to ".txt" in order this site doesn't allow ".conf" files.
proftpd.txt
0
ravenplCommented:
UserAlias tsavellana ftp
says to proftpd that if someone uses "tsavellana" as username then authenticate against "ftp" user. So in Your case You want
UserPassword ftp 58Ydm7H5BbRmMT
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
gplanaAuthor Commented:
Sorry, but it seems DefaultRoot clause doesn't restrict anything.

Maybe my executing ftp server process is a standard FTP installed automatically when I installed linux (SUSE enterprise 10) and proftpd is not executing properly ?

I say that because I tried to make some changes on proftpd.conf file and it seems they doesn't take effect.

Thank you.
0
ravenplCommented:
> Sorry, but it seems DefaultRoot clause doesn't restrict anything.
Right - it has no meaning in <Anonymous > clause. <Anonymous /here> already restricts You to /here - no point in DefaultRoot here.

> I say that because I tried to make some changes on proftpd.conf file and it seems they doesn't take effect.
You have restarted proftpd and it was success?
0
gplanaAuthor Commented:
Yes, I restarted it with appearly no errors. However, when restarting it says "no process running" as if it wasn't abel to kill the previous process.

I installed xampp from apache friends over a standard suse linux, and now I think there was another FTP server installed before, which I suppose can be in conflict with xampp's proftpd component.

I understand that this is another question, so do you want I open another question with its own points ?

Thank you.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.