Skip to content

User creation with particular directory access through FTP

by Mohamed Azar on February 18, 2016

Requirements :

Create a user

The user should not able to access through terminal like putty…etc

The user Should able to access his custom report directory path only with ftp client

the user need that directory path read and write permission

OS: Redhat 5.6 64bit

Step 1:

check below package are installed or not
[root@ebsdev ~]# rpm -qa|grep vsftpd

Step2 : If its not installed, install below rpm package

[root@ebsdev install]# ls
vsftpd-2.0.5-16.el5_5.1.x86_64.rpm
[root@ebsdev install]# rpm -ivh vsftpd-2.0.5-16.el5_5.1.x86_64.rpm
warning: vsftpd-2.0.5-16.el5_5.1.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing… ########################################### [100%]
1:vsftpd ########################################### [100%]
Step 3:

[root@ebsdev install]# service vsftpd restart
Shutting down vsftpd: [FAILED]
Starting vsftpd for vsftpd: [ OK ]

Step 4: User creation

[root@ebsdev install]# useradd -g dba ftpuser
[root@ebsdev install]# passwd ftpuser

Step 5: Provide that directory path only access this to ftp user

[root@ebsdev ~]# chmod o+w /u02/backup/appltrng/apps/apps_st/appl/xxace/12.0.0/reports/US

[root@ebsdev install]# usermod -d /u02/backup/appltrng/apps/apps_st/appl/xxace/12.0.0/reports/US ftpuser

step 6: Disabled signon access for terminals

modified the line

[root@ebsdev install]# vi /etc/passwd

from

ftpuser:x:504:500::/u02/backup/appltrng/apps/apps_st/appl/xxace/12.0.0/reports/US:/bin/bash

to
ftpuser:x:504:500::/u02/backup/appltrng/apps/apps_st/appl/xxace/12.0.0/reports/US:/sbin/nologin

Step 7: allow chroot local user in ftp

[root@ebsdev vsftpd]# pwd
/etc/vsftpd
[root@ebsdev vsftpd]# vi vsftpd.conf

Add below Bolded line

# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
chroot_local_user=YES

Step 8: restart vsftpd service

[root@ebsdev vsftpd]#service vsftpd restart

step 9: Try to login with credentials in ftp and also putty terminal

You can’t login in putty but you can able to login FTP with home path which directory you configured, you can’t go other directory. you have only that directory access.

 

From: Uncategorized
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: