Home arrow Site Administration arrow Setting Up wuftpd for Non-Anonymous Accounts

Setting Up wuftpd for Non-Anonymous Accounts

For some reason, it's extremely hard to find all the documentation you need to easily set up wuftpd to allow FTP to semi-secure areas of a Unix filesystem. It's relatively simple to setup anonymous FTP, where the user has little or no access. But there are many occasions where you might want to allow users to have access to, for instance, Web site directories without allowing them to get into higher levels.

TABLE OF CONTENTS:
  1. Setting Up wuftpd for Non-Anonymous Accounts
  2. User environment
  3. The /etc/ftpaccess file
By: Glenn Fleishman
Rating: starstarstarstarstar / 3
April 06, 1999

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement
For some reason, it's extremely hard to find all the documentation you need to easily set up wuftpd to allow FTP to semi-secure areas of a Unix filesystem. It's relatively simple to setup anonymous FTP, where the user has little or no access. But there are many occasions where you might want to allow users to have access to, for instance, Web site directories without allowing them to get into higher levels.

There's only a few things you have to do, but failure to do any one of them results in frustration and failure.

I'm eager to keep improving this as a simplified account of how to set up an FTP server, so please write me with comments or improvements.

Install the Latest Version
Wuftpd (originally maintained by Washington University in St. Louis) is the standard FTP server used on Linux and most Unix boxes. It has great flexibility and configuration, but languished for lack of updates for quite a while, though sporadic attempts were made to maintain the last beta (from 1995 or so).

However, a new group is spearheading regular releases fixing security holes and bugs, and making wuftpd more compatible with modern operating system versions. Before proceeding below, get the latest "VR" release at ftp://ftp.vr.net/pub/wu-ftpd. Download the release named "...-vrXX.tar..." at the end.

A 2.5 release is expected soon, as is a site dedicated to wuftpd. The VR releases don't use the Red Hat "rpm" system, but are easy enough to make and install.

Setup an FTP user account for each user
This has to be separate from a regular user account with unlimited access, because of how the "chroot" environment works. Chroot makes it appear from the user's perspective as if the level of the filesystem you've palced them in is the top level of the file system. In /etc/password, you add a line like


frogstar:/ZFp0Rfh7B8PE:5035:2010::/usr/www/./frogstar/:/bin/noshell

The account is frogstar, but you'll notice the path to the home directory is a bit odd. The first part - /usr/www/ - indicates the filesystem that should be considered their new root. The dot divides that from the directory they should be automatically chdir (change directory'd) into, /frogstar/.

The /bin/noshell part disables their login as a regular user. Some Unix systems already have a null shell, so use that instead. Or, create a file in the location /bin/noshell


#!/bin/sh echo "You don't have login access"

Remember to add /bin/noshell to the /etc/shells file on a line by itself. If /etc/shells doesn't exist, create it, and add all your normal shells plus /bin/noshell.



 
 
>>> More Site Administration Articles          >>> More By Glenn Fleishman
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

SITE ADMINISTRATION ARTICLES

- Coding: Not Just for Developers
- To Support or Not Support IE?
- Administration: Networking OSX and Win 7
- DotNetNuke Gets Social
- Integrating MailChimp with Joomla: Creating ...
- Integrating MailChimp with Joomla: List Mana...
- Integrating MailChimp with Joomla: Building ...
- Integrating MailChimp with Joomla
- More Top WordPress Plugins for Social Media
- Optimizing Security: SSH Public Key Authenti...
- Patches and Rejects in Software Configuratio...
- Configuring a CVS Server
- Managing Code and Teams for Cross-Platform S...
- Software Configuration Management
- Back Up a Joomla Site with Akeeba Backup

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: