Problem with users

Alles, was den ProFTPD betrifft, kann hier besprochen werden.

Problem with users

Postby SlisheR » 06. July 2007 19:46

Hi, unfortunately I can't speak German (Deutsch) as wel... so I taught let my post it in English... i've got a serious question and I was trying to figure it out for 2 months, but I've got nothing! So, if you can help me I would be happy after 2 months work:)
The question is: I know that you can add the users from the Users and Group for FTP-access (By the way, I'm using Xampp Linux on my Debian system). But that users may not enter the root directory, which they can...
I've tried everything... posted my question in every forum but no answer...
do you know how to fix this? Example:
I want to add the user xampp.
I went to the users and group settings under System > Admin > Users and Group
after that I typed at username xampp and made the root location for that person /opt/lampp/htdocs/xampp... I entered the pass and all the things...
but when I log in that account with the username xampp, I come in /opt/lampp/htdocs/xampp ... that's correct, but if I press on 'Up directory' I come in the root directory and that may not be easy for me, 'cause all users can see all my files... how can I fix this?
Thanks in advance, SlisheR.

Entschuldiging fur meine English
SlisheR
 
Posts: 18
Joined: 06. July 2007 19:27
Location: The Netherlands

Postby glitzi85 » 26. July 2007 01:10

Hello,

what you want to do is to jail your Users into there Root-Directories. This is called chroot.

To do this with ProFTPD, follow these steps:

1. Create the Group ftpd: groupadd ftpd
2. Create the User ftpd and assign the Group: useradd -g ftpd ftpd
3. Open the proftpd.conf-Fiel and Change these Settings:

User ftpd
Group ftpd

4. Uncomment the Line DefaultRoot ~ if commented
5. Save proftpd.conf and close this File
6. cp /bin/false /bin/ftp

Now you can create the Users you want to give Access with FTP:

useradd -m -s /bin/ftp username

If you want to give the User also the possibility to log in with SSH you should use /bin/bash instead of /bin/ftp. In case of logging in with SSH the User would NOT be jailed into his home Directory, this can be done only by chrooting the complete SSH-Server (this is more complicated than only chrooting the ftp). As a fact of this, i recommend no SSH access for your Users.

Now you can start the Server and try to log in. You should not be able to get out of your Home Directory.

glitzi
User avatar
glitzi85
 
Posts: 1920
Joined: 05. March 2004 23:26
Location: Dahoim


Return to ProFTPD

Who is online

Users browsing this forum: No registered users and 3 guests