Thursday, April 17, 2008

How to Jail ftp users via ProFTPd

Installing and configuring ProFTPD

Installing and configuring ProFTPD so that a web user can login and be jailed to their home directory is very simple

Firstly install proftpd via your FreeBSD Ports Directory



Once installed copy the proftpd.conf sample file to proftpd.conf
Edit the file and uncomment #DefaultRoot ~ as per below





# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~

Then edit the proftpd startup script in /usr/local/etc/rc.d/
And change

proftpd_enable=$
to
proftpd_enable=$

edit your /etc/rc.conf file and add
proftpd_enable="YES"

Then start proftpd via the startup script

You should now be able to login as a user you created and you should only see your directory you should not be able to go back from /home/myuser to /home for instance

This is great for keeping clients in their vhost directory so that the can not traverse other directories.

No comments:

Joe's Store