Tim Fischbeck's picture

Yesterday I downloaded and installed the TKL File Server appliance.  My plans are to use it solely as an FTP server.  I have created a user named abc (for example).  I am successfully able to log into the server from Filezilla for example and directly into the abc user home directory without issue.  My question is, how can I prevent the abc user from navigating the tree above his home directory (ex. /, /home, etc.)?  I have been researching this for a couple of days, and so far, nothing that I have tried has helped.  I guess it is obvious, but I will admit that I haven't used Linux/Unix in quite some time.

Jeremy Davis's picture

And the term for locking users into their home directory is chroot jail. It can be done by configuring OpenSSH. Although it may be easier to limit the user's access to SFTP/SSH and just install another FTP service such as vsftpd or proftpd. If you go that way then you will probably want to check out FTPS (FTP over SSL - as opposed to SFTP which is FTP over SSH) for security.

Have a look at this thread for some links to previous discussion on chroot jails with SFTP and vsftpd. There is also a thread here on proftpd.

Add new comment