I need to periodically give temporary and limited access to various directories on a CentOS linux server that has vsftp installed.
I've created a user using useradd [user_name] and given them a password using passwd [password].
I've created a directory in /var/ftp and then I bind this to the directory that I wish to limit access to.
What else do I need to specifically do to ensure that when this user logs into FTP, they only have access to this directory please?
Complete answer that solved my question for any others that are after a step by step walkthrough...
Install
vsftpdusing this as a guide.useradd [user_name].passwd [user_name]. (You'll be prompted to specify the password)./var/ftpand then bind to the 'home' directory you wish to specify for this user withmount --bind /var/www/vhosts/domain.com/ /var/ftp/custom_name/.Change user's home directory with
usermod -d /var/ftp/custom_name/ user_nameIn
/etc/vsftpd/vsftpd.conf, ensure all all of the following are set:-Only list users in the
vsftpd.chroot_listfile if you want them to have full access to anywhere on the server. By not listing them in this file, you're saying restrict allvsftpdusers to their specified home directory.In other words (for reference):-
For me it didn't work even after the above. There was a local_root already set to a directory, and whatever I do, user's directory hasn't jailed. Finally it is worked after only changed
And following procedure
Just my two cents if anyone else had same issue.
The chrooting mentioned in previous answers didn't work on my ubuntu 18.04 server. I finally got it working using this reference: https://passingcuriosity.com/2014/openssh-restrict-to-sftp-chroot/