I used this guide to set up a Proftpd installation an Ubuntu 8.04 server... Works well, but the generic user ( userftp ) can run
ls
and is able to change to any Directory and browse freely on the server ..from the root
/
and upwards.. I added this line to etc/shells
/bin/false
in hopes that that would prevent this ... I really only want the userftp account to be able to upload to the generic
/home/FTP-Shared
directory, and be able to do nothing else on the server. How is this accomplished ... This is a headless Ubuntu box..and I am using CLI only .. no GUI admin tools
Have you considered chrooting proftpd into /home/FTP-Shared? Then it can't access anything outside of there.
Cry Havok is correct, you will have to set up chrooting. Also, the /bin/false will restrict the user from ssh'ing to the box. It has nothing to do with the ftp behaviour itself.
To achieve this, all I had to do was uncomment this line :
from this file:
and then run