Limit FTP access

[optimised]

Hi,
I would like to limit a user's FTP access to their home directory only.(ex: /home/userjohn/) They do not log on locally to the machine, the user is only going to FTP web docs. When they ftp in, they go directly to their home directory, but currently they can go back, and the entire root of the server is also available to them. Is there a special group I should put them in or anything else I'm missing so that they Can Not surf the entire server.

thanks

 

[ifincham]

Hi,

To do this you have to set up a change root environment - aka chroot jail. In essence you re-set the user's root directory ('/') as being at some other physical location in the filesystem, e.g. /home/ftp. You then have to create a minimal root system under that point. So, for example, the chroot user's /bin would actually be at /home/ftp/bin in the above example. In theory, they can't cd above their '/'. See ->

http://www.linuxdoc.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap29sec296.html

.

Regards