FTP user directory restriction

bostoniman · 2005-02-03 03:37:22

How do you make it so that a user can't go up any higher in the file tree than his home directory using FTP (note: i'm using vsftpd)?

neri · 2005-02-03 11:58:41

bostoniman wrote:

How do you make it so that a user can't go up any higher in the file tree than his home directory using FTP (note: i'm using vsftpd)?

the easiest and prolly safest way is to chroot local users on ftp accesses.
There is a switch it vsftpd.conf iirc

-neri

lucke · 2005-02-03 12:26:33

Yep, just set chroot_local_user=YES in vsftpd.conf.

bostoniman · 2005-02-03 20:25:45

OK, that worked. I have another question: If I attempt to connect to my FTP using the local network address while inside my network I can connect no problem. However, when I try to connect using my external IP or my dynamic DNS address, I get the following message:

425 Security: Bad IP connecting.

What can I do to fix this problem?

lucke · 2005-02-03 20:42:35

Quick googling revealed, that you should set pasv_promiscuous=YES in order to make it work. It seems that your data connection originates from the other IP than your control connection. I don't know what's the reason for it, you could research it some more :-) Maybe you should try disabling pasv connection, if active works for you. I'm far from being an expert in that field :-)

bostoniman · 2005-02-03 22:35:04

OK, that worked, thanks.

Arch Linux

#1 2005-02-03 03:37:22

FTP user directory restriction

#2 2005-02-03 11:58:41

Re: FTP user directory restriction

#3 2005-02-03 12:26:33

Re: FTP user directory restriction

#4 2005-02-03 20:25:45

Re: FTP user directory restriction

#5 2005-02-03 20:42:35

Re: FTP user directory restriction

#6 2005-02-03 22:35:04

Re: FTP user directory restriction

Board footer