Why does my vsftpd server not work properly?
by n00b_noob from LinuxQuestions.org on (#57SFW)
Hello,
I'm using CentOS 8 x86_64 and I want to configure the vsftpd service and limit a user to just a specific directory. I did the steps below to configure vsftpd:
1- I created an account and set a password for it:
Quote:
# useradd jason
# passwd jason

Then I changed the vsftpd configuration as below:
Code:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
log_ftp_protocol=YES
connect_from_port_20=YES
chroot_local_user=No
listen=NO
listen_ipv6=Yes
pam_service_name=vsftpd
# Home User
userlist_enable=YES
virtual_use_local_privs=YES
userlist_deny=NO
user_config_dir=/etc/vsftpd/user_config_dir
##
ssl_enable=YES
ssl_tlsv1_2=YES
ssl_sslv2=NO
ssl_sslv3=NO
pasv_min_port=40000
pasv_max_port=50000
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
require_ssl_reuse=NO
ssl_ciphers=HIGH
debug_ssl=YES

Then I opened "/etc/vsftpd/user_list" and added the "jason" account to it. After that:
Code:
# mkdir /etc/vsftpd/user_config_dir/
# touch /etc/vsftpd/user_config_dir/jason

Then I opened the "jason" file and added the lines below to it:
Code:
local_root=/var/www/wp/
write_enable=YES

Other files are:
Code:
# cat ftpusers
# Users that are not allowed to login via ftp
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody

And:
Code:
# cat user_list
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers
# for users that are denied.
#root
#bin
#daemon
#adm
#lp
#sync
#shutdown
#halt
#mail
#news
#uucp
#operator
#games
#nobody
jason

And finally, I restarted the vsftpd service.
I'm using FileZilla and can connect to the FTP server, but the jason user sees its home directory and not "/var/www/wp/" and can see other parts of the system too.
What is my problem? Which part is wrong?
Thank you.
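An added example, not part of the original post: an offline check that reads the posted settings and reports whether a local user ends up confined to a chroot, since `local_root` alone only selects the directory entered after login. The function names and the `chroot_list` parameter (standing in for the contents of `chroot_list_file`) are hypothetical, and the config text is a subset of what the post shows.

```python
# Added example (not from the original post): offline check of whether vsftpd
# settings confine a local user to a chroot. Config text is copied from the post.
MAIN_CONF = """\
local_enable=YES
write_enable=YES
chroot_local_user=No
userlist_enable=YES
userlist_deny=NO
user_config_dir=/etc/vsftpd/user_config_dir
"""
USER_CONF = """\
local_root=/var/www/wp/
write_enable=YES
"""

def parse_conf(text):
    """Parse vsftpd-style key=value lines, skipping blanks and # comments."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            opts[key] = value
    return opts

def is_yes(opts, key):
    # Assumption: booleans compare case-insensitively (the post mixes "No" and "NO").
    return opts.get(key, "NO").upper() in ("YES", "TRUE", "1")

def audit_chroot(main_text, user_text, user, chroot_list=()):
    """Return (jailed, findings); per-user options override the main file."""
    eff = {**parse_conf(main_text), **parse_conf(user_text)}
    listed = is_yes(eff, "chroot_list_enable") and user in chroot_list
    # chroot_local_user=YES jails everyone except listed users;
    # chroot_local_user=NO jails only listed users.
    jailed = is_yes(eff, "chroot_local_user") != listed
    root = eff.get("local_root", "the user's home directory")
    findings = []
    if not jailed:
        findings.append(f"{user} is not chrooted: the start directory ({root}) is only "
                        "where the session begins, the rest of the filesystem stays reachable")
    elif not is_yes(eff, "allow_writeable_chroot"):
        findings.append(f"{user} is chrooted to {root}: that directory must not be "
                        "writable by the user unless allow_writeable_chroot=YES")
    return jailed, findings

if __name__ == "__main__":
    for conf in (MAIN_CONF, MAIN_CONF.replace("chroot_local_user=No", "chroot_local_user=YES")):
        print(audit_chroot(conf, USER_CONF, "jason"))
```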

