You are not logged in.

#1 2005-02-03 03:37:22

bostoniman
Member
Registered: 2004-09-17
Posts: 213
Website

FTP user directory restriction

How do you make it so that a user can't go up any higher in the file tree than his home directory using FTP (note: i'm using vsftpd)?

Offline

#2 2005-02-03 11:58:41

neri
Forum Fellow
From: Victoria, Canada
Registered: 2003-05-04
Posts: 552

Re: FTP user directory restriction

bostoniman wrote:

How do you make it so that a user can't go up any higher in the file tree than his home directory using FTP (note: i'm using vsftpd)?

the easiest and prolly safest way is to chroot local users on ftp accesses.
There is a switch it vsftpd.conf iirc

-neri

Offline

#3 2005-02-03 12:26:33

lucke
Member
From: Poland
Registered: 2004-11-30
Posts: 4,018

Re: FTP user directory restriction

Yep, just set chroot_local_user=YES in vsftpd.conf.

Offline

#4 2005-02-03 20:25:45

bostoniman
Member
Registered: 2004-09-17
Posts: 213
Website

Re: FTP user directory restriction

OK, that worked.  I have another question:  If I attempt to connect to my FTP using the local network address while inside my network I can connect no problem.  However, when I try to connect using my external IP or my dynamic DNS address, I get the following message:

425 Security: Bad IP connecting.

What can I do to fix this problem?

Offline

#5 2005-02-03 20:42:35

lucke
Member
From: Poland
Registered: 2004-11-30
Posts: 4,018

Re: FTP user directory restriction

Quick googling revealed, that you should set pasv_promiscuous=YES in order to make it work. It seems that your data connection originates from the other IP than your control connection. I don't know what's the reason for it, you could research it some more :-) Maybe you should try disabling pasv connection, if active works for you. I'm far from being an expert in that field :-)

Offline

#6 2005-02-03 22:35:04

bostoniman
Member
Registered: 2004-09-17
Posts: 213
Website

Re: FTP user directory restriction

OK, that worked, thanks.

Offline

Board footer

Powered by FluxBB