How To's Tutorials
vsftpd stands for "Very Secure FTP Daemon", is an FTP server for Unix-like systems, including Linux. When we configure vsftpd , all ftp users can move to other's directory from their home folder. In this article we will make the changes in the vsftpd server so that user's are limited to their home directory only. This can be achieved by setting up vsftpd chroot or jail like environment.
As shown in the below examples , jack is a ftp user , who can change their directory.
Now Follow below steps to configure chroot or jail like Environment invsftpd :
[root@localhost ~]# vi /etc/vsftpd/vsftpd.conf
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (default follows)
Save & exit
Important Notes : ( 1 ) if you are only uncommenting the line 'chroot_local_user=YES' . All the local users are chroot() /jailed to their home direcory.
(2) if we want only selected ftp users restricted to their home directory, then uncomment the line "chroot_list_enable=YES" and "chroot_list_file=/etc/vsftpd/chroot_list" and create a file '/etc/vsftpd/chroot_list' and add the users that we want to chroot.
[root@localhost ~]# vi /etc/vsftpd/chroot_list
User's listed in this file will be restricted to their home diretcory.
[root@localhost ~]# service vsftpd restart ; chkconfig vsftpd on
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
In case of 'chroot_local_user=YES' :
In case of "chroot_list_enable=YES" and "chroot_list_file=/etc/vsftpd/chroot_list". users listed in chroot_list file will be restrictedand other users are allowed to change the directory. In My scenario i have two local users Jack & Mark , where jack is listed in chroot_file.
For Jack User :
For Mark user :
Configure VSFTPD Chroot