Linux - Restrict ftp users from using ftp server, Vsftpd configuration for uploading and downloading

Restrict ftp users from using ftp server

In this bluff we will see how to restrict an user from downloading and uploading of files to or from FTP server. To implement this security below are the steps.

On Redhat servers we normally use VSFTPD as the default ftp daemon. He we consider vsftpd service as a example to restrict users from downloading and uploading of files.

Edit vsftp configuration file
 # vi /etc/vsftpd/vsftpd.conf 

Disable anonymous FTP. By Comment out the anonymous_enable as below
 
 # Allow anonymous FTP?
 # anonymous_enable=YES
 anonymous_enable=NO

Allow the local users to logged in via ftp by uncommenting local_enable line in vsftpd.conf
 # Local FTP user Settings
 #
 # Uncomment this to allow local users to log in.
 #
   local_enable=YES 

Restart the FTP service
 # /etc/init.d/vsftpd restart

Create a user, group and shared directory
 # mkdir /opt/ftp-data

 # groupadd ftp-access

 # useradd -s /sbin/nologin ftp-admin


Set home directory for user ftp-admin as /opt/ftp-data
 # usermod -d /opt/ftp-data ftp-admin

Add users who can only read ftp data(i.e only FTP users)
 # useradd -G ftp-access -d /opt/ftp-data -s /sbin/nologin math

 # useradd -G ftp-access -d /opt/ftp-data -s /sbin/nologin david

Now you can set permissions to the directory
 
 # chown ftp-admin /opt/ftp-data

 # chgrp ftp-access /opt/ftp-data

 # chmod 750 /opt/ftp-data/


Set password for the users
 # passwd ftp-admin

 # passwd math

 # passwd data

In the above example the ftp-admin user can upload and download files from the directory /opt/ftp-data. Group members of ftp-access can only download files from the specified location. You can change the location or directory as per your requirement.

The topic on Linux - Restrict ftp users from using ftp server is posted by - Math

Hope you have enjoyed, Linux - Restrict ftp users from using ftp serverThanks for your time

Tech Bluff