How to show only specific directory to FTP user
For vsftpd
(“Very Secure File Transfer Protocol Daemon”), the configuration is exceedingly simple:
sudo apt-get install vsftpd
then:
sudo nano /etc/vsftpd.conf
ensure you have the following parameters set right:
# Depending on the version you're running, you might want to set the following
# parameter to YES
# (if affected by https://bugs.launchpad.net/ubuntu/+source/vsftpd/+bug/1313450)
listen=YES
# to allow local users to log on:
local_enable=YES
#if you want write access too:
write_enable=YES
# Set anonymous user directory to /srv/ftp (no default)
anon_root=/srv/ftp
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
# following for debugging purposes (to ensure you're on the right server)
ftpd_banner=Welcome to Aravind's FTP service.
# Now restrict users to their home directories:
chroot_local_user=YES
allow_writeable_chroot=YES
And now, if you want to set a particular user to a particular directory, just create a user with a particular directory:
sudo adduser ftpuser --home /usr/local/example
To test:
Go to a terminal on the machine running vsftpd
and type: ftp 127.0.0.1
and if you're greeted by your own banner, vsftpd
works!
Then test on the same machine to its public address: ftp 1.2.3.4
and finally from a remote machine to the public address. If something goes wrong with the public addresses, check your firewall settings.
Additional notes:
If you don't want the user to log on, add the --shell /bin/false
parameter to the adduser
command.
You might also want to delete all the directories/files (Desktop
, Pictures
, ... that the adduser
created if you don't want them there...