viki - vsftpd Wiki

You are here :

 Local Users

Sunday, 18. March 2007 22:06:52, by Daniel Khalil

 

Some of the more lazy folks want their FTP users to be the same as their local users. That is quite fine, unless you have zillions of users. However we will show you how such a config would preferably work out quite well [For less than 100 users].

# Uncomment this to allow local users to log in.
local_enable=YES

# Default umask for local users is 077. You may wish to change this to 022,
local_umask=022

# You may restrict local users to their home directories.  See the FAQ for
# the possible risks in this before using chroot_local_user or
chroot_local_user=YES
chroot_list_enable=NO

Now you should basically have a functioning vsftpd installation. The only thing that needs to be done is to add your users. For the paranoid ones out there, I recommend setting the shell of the FTP users added to

/bin/false

.

Something you should know here too, in "/etc/ftpusers" you can define local user accounts which can't be accessed by ftp.

Another security enhancement would be to edit your /etc/ssh/sshd_config and to extend it for the line

AllowUsers trusted_user1 itrust_fred and_barney_too

Allowing only specified users to login via SSH.

No comments yet