Help - Search - Members - Calendar
Full Version: Vsftpd
Linuxhelp > Support > Technical Support
Robert83
hi


I think I screwed up something beacuse it lets me in with ftp://root:*passwordforroot*@192.168.8.2

I've left everything at default

only added robert to vsftpd.user_list

but when I try to ftp localhost on the linux computer

it says that root is denied

and that robert 530 Login incorrect

---UPDATE---
I think that my explorer is just playing here...I tried it with Total Commander got the same error
login incorrect...

by the way how do you create seperate directories to users?



Sincerely
Robert B
hughesjr
1. /etc/rc.d/init.d/vsftpd The initialization script (initscript) used by the /sbin/service command to start, stop, or reload vsftpd.

2. /etc/pam.d/vsftpd The Pluggable Authentication Modules (PAM) configuration file for vsftpd. This file defines the requirements a user must meet to login to the FTP server. (shouldn't need to be changed).


3. /etc/vsftpd/vsftpd.conf The configuration file for vsftpd. Refer to the vsftpd Configuration Options for a list of important options contained within this file.

4. /etc/vsftpd.ftpusers A list of users not allowed to log into vsftpd. By default this list includes the root, bin, and daemon users, among others.

5. /etc/vsftpd.user_list This file can be configured to either deny access to the users listed or allow the listed users access, depending on whether the userlist_deny directive is set to YES (default) or NO in /etc/vsftpd/vsftpd.conf. If /etc/vsftpd.user_list is used to grant access to users, the usernames listed must not appear in /etc/vsftpd.ftpusers. (So I would set userlist_deny to NO ... then put the people who I wanted to be able to login in /etc/vsftpd.user_list ... and the people who can't login in /etc/vsftpd.ftpusers ... if a person is not is either list ... i think they can't login...

6. /var/ftp/ directory The directory containing files served by vsftpd. It also contains the /var/ftp/pub/ directory for anonymous users. Both directories are world-readable, but writable only by the root user.
Robert83
Hi,

I did what you told me, it's working now ok smile.gif

but a problem, when I login with robert ( created on linux comp with useradd robert ) I go into /home/robert ... and I can go to / and see everything there (can't delete anything tough...) but I can see everything (this is not good for security...) what to do with robert so that when I log in via ftp I got to /var/ftp/pub/robert (or atleast /var/ftp/pub ) , and somehow dissable the user to leave /var/ftp/pub


sincerely
Robert B
hughesjr
Create a file called:

/etc/vsftpd.chroot_list

put all users in that file who you want to be locked into the chroot directory.

in vsftpd.conf add the following things:

chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
local_root=/var/ftp/pub


If a person is not in /etc/vsftpd.chroot_list, they will still start in the local_root directory (in your case /var/ftp/pub)... but they can go anywhere their user can go normally (like via an ssh connection). People who are in the /etc/vsftpd.chroot_list see /var/ftp/pub as their / directory ... and they can go in directories lower than that (ie, below /var/ftp/pub), but not higher.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2017 Invision Power Services, Inc.