[lug] How to set up a private FTP account for a user?

[hobbes at netgnome.net]

> > vsftpd doesn't support it, AFAIK.  I do that with proftpd.  Set up a

While I too use proftpd for "virtual" (or private) user FTP access on
the public FTP servers I've built, I just downloaded and installed vsftpd on my home Gentoo system and right there in "man vsftpd.conf" was information on how to do this with vsftpd.

On Sat, Apr 01, 2006 at 07:10:40AM -0700, Bill Thoen wrote:
> Thanks Sean,
> 
> I sort of remember in the old days when you wanted to create a private FTP
> account, you'd create a new user account and assign it a null shell (or
> ftponly , or something like that) and then copy the FTP working files and
> directories to the new user's directory, so that the only thing they could
> do was FTP. But I'm a little vague on exactly what the process was now.  

This would be true if each FTP process was chroot'd to YOUR customer's home directory, and you wanted to provide them some sort of "standard" upload capability (e.g. /pub/incoming) for THEIR customers (e.g. a customized /etc/passwd file).  You can, with both vsftpd and proftpd, create virtual users in a separate file from /etc/passwd, OR you can signify any user's shell as /bin/false (or /dev/null, or /etc/nologin, or even /bin/passwd). and include "/./" in their home directory specification to "chroot' that user to their home directory (e.g. /localhost/home/./jaileduser)

Note that some FTP servers may require you to add whatever shell you
chose (/bin/false, /dev/null, etc) to /etc/shells.

> 
> The fact that I see no mention of this with the vsftp docs, and now your
> comment that it's not supported makes me feel a little better in that the
> reason I couldn't find any mention of it is because it's not there. So I

See userlist_enable, userlist_deny, and userlist_file in "man
vsftpd.conf".  If they aren't there, you might need to upgrade.
--

John-David Childs
IT Systems Architect and Senior Systems Engineer
Digitalglobe, Inc.