Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
We have a system running RHEL 7. Users can connect using SFTP and their /home/user directory is where they start. They can browse the whole system with similar permissions as if they had made an SSH connection.
What we need to do is create an account that can only access an FTP directory and it's subdirectories. We don't want this user to be able to browse the rest of the system.
We also need our other users to be able to access their home directories using SFTP, as well as access the FTP directory and subdirectories.
What we currently have installed is: ftp-0.17-67.el7.x86_64
Is this possible? Can we do it with the FTP package currently installed or should we install something like ProFTP?
We have a system running RHEL 7. Users can connect using SFTP and their /home/user directory is where they start. They can browse the whole system with similar permissions as if they had made an SSH connection.
What we need to do is create an account that can only access an FTP directory and it's subdirectories. We don't want this user to be able to browse the rest of the system. We also need our other users to be able to access their home directories using SFTP, as well as access the FTP directory and subdirectories.
What we currently have installed is: ftp-0.17-67.el7.x86_64 Is this possible? Can we do it with the FTP package currently installed or should we install something like ProFTP?
However, SFTP and FTP are two VERY different things; the term you're looking for is chroot, meaning that users can only access their own resources, and not traverse the filesystem any further. If you create one user that's chroot'ed to their own folder, and your local users are using SFTP (with the appropriate permissions), they should be able to traverse that structure if you don't chroot THEM.
Yes, you can set up a chrooted SFTP account while leaving the others SFTP accounts untouched, all without compromising the integrity and safety of the system by adding vsftp.
The one thing to know with chrooted SFTP is that the chroot target must be owned by root. That is essential to ensure that the chroot remains separate. However it also means that you have to plan the directory substructure a little for the chroot.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.