Create new vsftpd user and lock to (specify) home / login directory
Solution 1:
Complete answer that solved my question for any others that are after a step by step walkthrough...
Install vsftpd
using this as a guide.
- Create user with
useradd [user_name]
. - Create user's password with
passwd [user_name]
. (You'll be prompted to specify the password). - Create FTP directory in
/var/ftp
and then bind to the 'home' directory you wish to specify for this user withmount --bind /var/www/vhosts/domain.com/ /var/ftp/custom_name/
. -
Change user's home directory with
usermod -d /var/ftp/custom_name/ user_name
In
/etc/vsftpd/vsftpd.conf
, ensure all all of the following are set:-- chroot_local_user=YES
- chroot_list_enable=YES
- chroot_list_file=/etc/vsftpd.chroot_list
Only list users in the vsftpd.chroot_list
file if you want them to have full access to anywhere on the server. By not listing them in this file, you're saying restrict all vsftpd
users to their specified home directory.
In other words (for reference):-
- means that by default, ALL users get chrooted except users in the file...
- chroot_local_user=YES
- chroot_list_enable=YES
- means that by default, ONLY users in the file get chrooted...
- chroot_local_user=NO
- chroot_list_enable=YES
Solution 2:
For me it didn't work even after the above. There was a local_root already set to a directory, and whatever I do, user's directory hasn't jailed. Finally it is worked after only changed
chroot_local_user=YES
And following procedure
- vi /etc/vsftpd.conf
- Add the line 'user_config_dir=/etc/vsftpd_user_conf' (no quotes)
- mkdir /etc/vsftpd_user_conf;
- cd /etc/vsftpd_user_conf
- vi user_name;
- Enter the line 'local_root=/srv/ftp/user_name'
Just my two cents if anyone else had same issue.