FTP users

From Bytesized Wiki

Jump to: navigation, search

Contents

How to enable multiple FTP users?

This is a small guide in how to create one or more additional ftp users. We want to give them ftp only access meaning, we want to disable SSH access and make them use only one ftp folder we want them to use. Please note that this method only works on unmanaged VPSs. You can't use this on a managed account.

What you need to start?

You need to SSH in your VPS. :)

Adding a user

We will start off by creating a user. Let`s call this user test.

sudo adduser test

You need to set his password, don`t bother to fill user information.

WjiLQ.png

If you don`t want to limit your user to one folder or disable his SSH access, this is pretty much all you need to do.

Disabling SSH access and limiting to one folder

We need to change few things in order to limit the user:

sudo nano /etc/passwd

Scroll down until you find newly created user. The line you are looking for is:

test:x:1001:1001:,,,:/home/test:/bin/bash

Here you can see that his default folder is /home/test/ . If you want to give him access to some other folder change the path, for example:

test:x:1001:1001:,,,:/var/downloads/completed:/bin/bash

will give him access to your completed folder, thus giving him access to your completed torrents. Next, we want to disable his SSH access. Change the /bin/bash line with /bin/false

test:x:1001:1001:,,,:/home/test:/bin/false

Save the changes and exit nano(CTRL+X, yes, ENTER).

We need to add /bin/false line in to the shells list:

sudo nano /etc/shells

scroll down and add

/bin/false

Save the changes and exit nano.

Jailing user to one folder

We need to edit vsftpd.conf file:

sudo nano /etc/vsftpd.conf

Find next lines uncomment them(remove #) and edit accordingly:

 chroot_local_user=YES
 chroot_list_enable=YES
 chroot_list_file=/etc/vsftpd.chroot_list

Save the changes and exit nano. Create vsftpd.chroot_list:

sudo nano /etc/vsftpd.chroot_list

and add yourself to that file(not the test user we created):

bt

That's the user with sudo access(the user you use to login). He will have access to all folders, not just his home folder. Save the changes and exit nano.

All that's left to be done is restarting vsftpd:

sudo /etc/init.d/vsftpd restart

That's it. Now you( user bt) will be able to SSH, and see all folders in FTP and user test will be limited to one folder and won't be able to SSH in to your VPS.

Deleting user

If, for any reason, you want to delete users access to FTP just delete the user:

sudo deluser test

will delete user named test.

Personal tools