  1. #1
    Jadey is offline sosumi

    How-to: Set up a chroot jail for your FTP users

    This How-to will explain how to restrict your FTP users to their home directory, so they won't be able to look at any directories higher than their own.

    Launch Terminal (in Applications -> Utilities)

    type: cd /etc
    sudo pico ftpchroot

    Type the valid usernames of people in this file that you want to be restricted to their own directory when they FTP into their machine. Separate each entry by a carriage return. This file will look simply like this:

    ebunny
    sclaus
    tfairy

    Then save the file by holding down the Control key and hitting X. This will create the file ftpchroot in the /etc directory.

    Now restart your FTP server by turning it off then on again in your Sharing Control panel. Done!

  2. #2
    symphonix is offline Scratch & Sniff Committee
    Is there a MOTD (Message of the Day) file for FTP, so I can have a message appear when someone logs in with a simple FTP client?

  3. #3
    blb is offline `'
    There are several, depending on circumstance.

    /etc/ftpwelcome is printed to all connections prior to asking for username/password.

    /etc/ftpmotd is printed after a successful login by a user who isn't in /etc/ftpchroot.

    ~/etc/ftpmotd is printed after a successful login by a user who is in /etc/ftpchroot, since they've been chroot'ed to their home (~) directory.
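
Added example, not part of any post in this thread: a small shell helper for maintaining and checking the jail list described in posts #1 and #3. It assumes the one-login-name-per-line format shown in post #1; the function names and the `/Users/andrea` home path are made up for illustration, and the list path is passed as an argument so it can be tried on a copy rather than the live `/etc/ftpchroot`.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes the one-login-name-per-line
# format shown in post #1. The list path is an argument so the functions can
# be tried on a copy instead of the live /etc/ftpchroot.

# is_chrooted FILE USER: succeeds only if USER is a whole line in FILE.
is_chrooted() {
    [ -f "$1" ] && grep -Fxq -e "$2" "$1"
}

# add_chroot_user FILE USER: append USER once, keeping one name per line.
add_chroot_user() {
    if is_chrooted "$1" "$2"; then return 0; fi
    # Repair a missing final newline so two names never share a line.
    if [ -s "$1" ] && [ -n "$(tail -c 1 "$1")" ]; then printf '\n' >>"$1"; fi
    printf '%s\n' "$2" >>"$1"
}

# bad_entry_count FILE: number of lines that cannot match a login name exactly
# (blank lines, or stray spaces/tabs/CRs such as CRLF line endings).
bad_entry_count() {
    grep -c -e '[[:space:]]' -e '^$' "$1" || true
}

# loosely_writable FILE: succeeds if group or other can rewrite the jail list.
loosely_writable() {
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \))" ]
}

# motd_path FILE USER HOME: the message file post #3 says this user is shown.
motd_path() {
    if is_chrooted "$1" "$2"; then printf '%s\n' "$3/etc/ftpmotd"
    else printf '%s\n' /etc/ftpmotd; fi
}

# Demo on a constructed list (names from post #1, one with a CRLF ending).
demo() {
    list=$(mktemp) || return 1
    printf 'ebunny\nsclaus\r\ntfairy' >"$list"
    add_chroot_user "$list" andrea
    echo "unmatched entries: $(bad_entry_count "$list")"
    is_chrooted "$list" sclaus || echo "sclaus is NOT jailed (CR in entry)"
    echo "andrea sees: $(motd_path "$list" andrea /Users/andrea)"
    rm -f "$list"
}
demo
```

An entry that carries a stray carriage return or space does not match the login name, so that user is left outside the jail without any error being reported.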

  4. #4
    symphonix is offline Scratch & Sniff Committee
    Thanks! That's just what I needed!

  5. #5
    dani++ is offline usin UNIX since '92
    Does this work for sftp too?

  6. #6
    mdkia is offline Registered User
    hi,
    i was searching on deja.com to find an answer to the ftp 'jail' question, i found it here, i registered with the forum and i tried what you suggested ...i think i made everything ok, but on my mac ...it doesn't work!:(
    i made it and then (i'm in office now) i tried to log in my ftp (mac os x server) with one of the user names i wrote in the ftpchroot file ...but i can still see the other directories.
    one of my users is 'andrea' and another one is 'gigi' ...if i log in with the user 'andrea', i can navigate also in 'gigi' directory!:(

    i think i made some mistakes!:(


    ciao

  7. #7
    Jadey is offline sosumi
    Someone else private messaged me about using this with Mac OS X server. I haven't ever used the server, and I don't know if the same FTP server is used or not. What FTP server is installed with Mac OS X server?

  8. #8
    mdkia is offline Registered User
    thanks for your reply ...i don't know which ftp server is, but btw i gave it up because i can't spend a lot of time with it ...:(
    ps: may i ask you smth. else?
    if in mac os x (not server) i start the ftp in system preferences (i think ...because my os is italian and i'm not sure of the translation) how i can add users? ...with the normal users control panel, the same used for the login screen? ...it's not comfortable ...i mean ...i want to decide myself where the new user have his home directory ...

    maybe it's a stupid question ...and if it's so ...sorry, but i'm newbie with mac ...i always used pc (for ftp and web servers too)!:)

    thanks again
    marco
