VSFTP USER_LIST not working
by Jlove130 from LinuxQuestions.org on (#5JBP3)
I'm trying to force the system to allow SFTP for specific users only. But no matter what I do, root (or others) can still log in as FTP users.
I suspect it's permissions on the user_list file and I'm not certain vsftpd is starting as a non-root user, which I believe I want too, for security reasons.
Here's my vsftpd.conf:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
idle_session_timeout=600
data_connection_timeout=120
nopriv_user=ftpsecure
user_sub_token=$USER
local_root=/home/$USER/ftp
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd/user_list
tcp_wrappers=YES
Here are the permissions on the user_list file:
-rw-r--r--. 1 ftpsecure ftpsecure 24 May 17 14:42 user_list
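
An added example, not part of the original post: a small Python model of how the `userlist_*` and `chroot_*` options in the configuration above combine, following the semantics documented in vsftpd.conf(5). It covers only vsftpd's own FTP login gate (SSH/SFTP logins are handled by sshd and never consult these files). The list contents and the helper names (`parse_conf`, `ftp_login_allowed`, `is_chrooted`) are assumptions made for the illustration, since the post does not show either file.

```python
# Added example: models the userlist_* and chroot_* semantics documented in
# vsftpd.conf(5). Sample list contents below are constructed for illustration.

def parse_conf(text):
    """Parse vsftpd.conf text: option=value lines, '#' starts a comment line."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            opts[key] = value
    return opts

def yes(opts, key, default):
    """Boolean option; only YES/NO handled here (simplification)."""
    return opts.get(key, default).upper() == "YES"

def ftp_login_allowed(opts, user, userlist):
    """Userlist gate applied before the password prompt."""
    if not yes(opts, "userlist_enable", "NO"):
        return True                      # list ignored entirely
    listed = user in userlist
    if yes(opts, "userlist_deny", "YES"):
        return not listed                # list is a deny list
    return listed                        # list is an allow list

def is_chrooted(opts, user, chroot_list):
    """chroot_local_user=YES inverts the meaning of chroot_list_file."""
    everyone = yes(opts, "chroot_local_user", "NO")
    if not yes(opts, "chroot_list_enable", "NO"):
        return everyone
    return (user not in chroot_list) if everyone else (user in chroot_list)

# The options from the post that matter for these two checks.
CONF = """\
chroot_local_user=YES
chroot_list_enable=YES
userlist_enable=YES
userlist_deny=NO
"""
# Constructed list contents (the post does not show either file).
USERLIST = set("alice\nbob\n".splitlines())
CHROOT_LIST = set("bob\n".splitlines())

if __name__ == "__main__":
    opts = parse_conf(CONF)
    for user in ("alice", "bob", "root"):
        print(user, ftp_login_allowed(opts, user, USERLIST),
              is_chrooted(opts, user, CHROOT_LIST))
```

With `chroot_local_user=YES` and `chroot_list_enable=YES` together, any user named in `chroot_list_file` is exempt from the chroot, so that file deserves the same review as `user_list`.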