FTP Configuration
The steps below apply where vsftpd is not enabled yet.
Prerequisite:
------------------------
The vsftpd rpm should be installed on the server.
rpm -qa | grep -i vsftpd
vsftpd-2.0.5-12.el5
Method Of Procedure
---------------------------------
Step 1: Create a user with a password
Ex: useradd fbftp
passwd fbftp
Step 2: Change the user's default home directory from "/home/fbftp"
usermod -d "/var/fbftp" fbftp
Note - The user's default home directory is changed from "/home/fbftp" to "/var/fbftp"
Step 3: Create the home directory path for the ftp user
mkdir -p /var/fbftp
Step 4: Change ownership of the user's home directory:
Ex: chown -R fbftp:fbftp /var/fbftp
Step 5: Change ftp user privileges
In /etc/vsftpd/vsftpd.conf, enable the parameters below:
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
Note - chroot_list_enable is used to restrict the user to that path.
Step 6: Add the user to the chroot_list file.
/etc/vsftpd/chroot_list
Note - Add each user on its own line, one below the other. For example:
fbftp
fbftp1
fbftp2
Step 7: Disable ssh login for the ftp user using the command below:
usermod -s /sbin/nologin <user>
Ex: usermod -s /sbin/nologin fbftp
Step 8: Restart vsftpd
service vsftpd restart
Testing -
Log in to ftp from any other server and try to navigate to another path (like /opt, /var, /etc).
Try to ssh to the server as the fbftp user. The login should fail.
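A local check to run alongside the tests above, as an added example that is not part of the original post: it reads the settings from Steps 5-7 and reports whether a user is really chrooted and has no login shell. It also covers the documented vsftpd behaviour that chroot_local_user=YES turns the chroot_list file into a list of users who are NOT chrooted. The function names and the sample files are assumptions made for this example.

```sh
# Added example, not from the original post: checks Steps 5-7 for one user.
# conf_get FILE KEY: value of the last uncommented KEY=VALUE line (assumed to win).
conf_get() { sed -n "s/^$2=//p" "$1" | tail -n 1; }
# conf_yes FILE KEY: true only if the value is exactly YES (any case).
conf_yes() { [ "$(conf_get "$1" "$2" | tr 'a-z' 'A-Z')" = "YES" ]; }

# user_is_chrooted CONF USER: would vsftpd jail USER in its home directory?
user_is_chrooted() {
    listed=1
    if conf_yes "$1" chroot_list_enable; then
        list=$(conf_get "$1" chroot_list_file)
        [ -n "$list" ] && grep -qxF -- "$2" "$list" 2>/dev/null && listed=0
    fi
    if conf_yes "$1" chroot_local_user; then
        [ "$listed" -ne 0 ]   # list now names the users exempt from the jail
    else
        [ "$listed" -eq 0 ]   # list names the jailed users (this page's setup)
    fi
}

# shell_is_nologin PASSWD USER: was Step 7 applied?
shell_is_nologin() {
    [ "$(awk -F: -v u="$2" '$1 == u { print $7 }' "$1")" = "/sbin/nologin" ]
}

# check_ftp_user CONF PASSWD USER: report each failed check, return 1 if any.
check_ftp_user() {
    rc=0
    user_is_chrooted "$1" "$3" || { echo "$3: not chrooted by $1"; rc=1; }
    shell_is_nologin "$2" "$3" || { echo "$3: shell is not /sbin/nologin"; rc=1; }
    return $rc
}

# make_sample DIR: constructed sample files mirroring Steps 5-7 (not real data).
make_sample() {
    printf 'chroot_list_enable=YES\nchroot_list_file=%s/chroot_list\n' "$1" > "$1/vsftpd.conf"
    printf 'fbftp\nfbftp1\nfbftp2\n' > "$1/chroot_list"
    printf 'fbftp:x:501:501::/var/fbftp:/sbin/nologin\n' > "$1/passwd"
    printf 'fbftp1:x:502:502::/var/fbftp1:/bin/bash\n' >> "$1/passwd"
}

if [ $# -eq 1 ]; then     # real system, e.g.: sh check_ftp_user.sh fbftp
    check_ftp_user /etc/vsftpd/vsftpd.conf /etc/passwd "$1"
else                      # no argument: run against the constructed sample
    d=$(mktemp -d) && make_sample "$d"
    check_ftp_user "$d/vsftpd.conf" "$d/passwd" fbftp && echo "fbftp: OK"
    rm -rf "$d"
fi
```

A config line that still carries trailing text after YES, such as an explanatory note in parentheses, is reported as not chrooted.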