Configuring vsftpd for multiple users
I have a Ubuntu 22.04 node that I want to use as an SFTP server. I installed and configured vsftpd and it works, just not the way I want.
I want to have 2 users - UserA and UserB. Both are only allowed to use their home directory, they can FTP files to sub-directories but are NOT allowed to "cd .." and move above their home directory.
At the moment my vsftpd.conf looks like this
chroot_local_user=NO
chroot_list_enable=YES
user_sub_token=$USER
chroot_list_file=/etc/vsftpd.chroot_list
No matter what options I choose I do this:
systemctl restart vsftpd
and test and both users can "cd .." and freely move around the FTP server.
How do I restrict these users?
4 Replies
mjones
Linode Staff
✓ Best Answer
Hi @ascendmgt - That's something you can set at the Linux user level. We have a guide on Linux users and groups here:
https://www.linode.com/docs/guides/linux-users-and-groups/
And there's a Stack Overflow post on the topic here:
I followed it as best I can, and it's better, but the users can still get to / because of permissions
This may help:
https://www.ryadel.com/en/vsftpd-configure-different-home-folder-each-user-specific-directory/
You also need to be aware that ftp (the protocol) is inherently insecure. IMHO, you're better off requiring people to use sftp…which doesn't have this "feature". This link
explains how to limit sftp users to specific home directories.
-- sw
OMG …. one of the times when I'm slightly out of my depth (can you tell?) and trying to learn and get something done at the same time.
OF COURSE I was trying to setup an SFTP server, but for some crazy reason I was using vsftpd to do that - totally wrong.
When I started to think faster than I was typing I realised my error, read a lot of documentation (including all the links posted here - thanks :) :) ) and had ssh configured and working easily by following this guide : https://linuxize.com/post/how-to-set-up-sftp-chroot-jail/