4

I'm setting up an FTP server, and I want to be able to log in myself and do whatever I want, but if I want others to connect to my server, I give them credentials that restrict them to the home directory. I've created the user with:

adduser username
passwd username
mkdir /home/user_dir
usermod -d /home/user_dir username

I then enabled chroot_local_user=YES and chroot_list_enable, created a file and put my username in it so that I still have access to the entire machine.

If I ftp as myself, I can log in and do whatever I want, but I can't log in as this new user. (I get 530 Login Incorrect).

Info:

Linux Mint

Using vsftpd

I can log in to a shell as the new user (su newUser... password)

Also - if I remove myself from the chroot list, I get the 500 OOPS refusing to run with writeable root inside chroot. I'm assuming this error will be the same with the new user. How do I give them restricted access if I get this error when restricting their access? Fixed - forgot about writeable chroot

5
  • What FTP server are you using and what's your OS? Did you try to login to a shell with this user? Commented Jan 16, 2017 at 15:22
  • Edited the original post with more info Commented Jan 16, 2017 at 15:25
  • Don't just try a simple su like that, try to login to a shell to see if the user is blocked by something else. Commented Jan 16, 2017 at 15:27
  • I thought that's what su did? How do I do a proper login? The user is not there at boot, so something must be missing Commented Jan 16, 2017 at 15:35
  • What do you mean that the user is not there at boot? Commented Jan 16, 2017 at 15:54

1 Answer

7

Look at your /etc/passwd file. Find your user and look at the shell (example: ttr:x:501:501::/home/username/ttr:/sbin/nologin). Add this shell (/bin/false or /sbin/nologin) to your /etc/shell or /etc/shells. After that, check your connection.

Try again... If it still does not work:

Back up the config file before making a change:

sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.back

and then edit vsftpd.conf (with vi or nano)

sudo nano /etc/vsftpd.conf

Then make the following change

pam_service_name=ftp

Save your change and restart the ftp server (if you use nano hit CTRL+O & enter to save then CTRL+X to exit)

sudo service vsftpd restart
3
  • I built a system to OP's definition, and this was the only thing that worked. I have deleted my answer and upvoted this one instead. Commented Jan 16, 2017 at 16:13
  • Thanks! I initially misread your post and was suggesting you use SFTP, but glad I corrected myself Commented Jan 16, 2017 at 17:34
  • askubuntu.com/questions/617370/… says setting pam_service_name to ftp is wrong. You could even set it to funnystuff having the same effect. Commented Nov 6, 2019 at 14:53
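
The checks discussed in the answer and its comments, as a script (an added example, not code from the original posts): it reports whether the user's shell is listed in the shells file and whether the PAM service named in vsftpd.conf has a file at all. The function names, the temporary sample files and the one-line PAM file that calls pam_shells.so are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: explain a vsftpd "530 Login incorrect" for a local user.
# All paths are arguments, so the checks can run against copies of the files.

user_shell() {   # $1=passwd file  $2=user -> prints field 7, fails if no entry
    awk -F: -v u="$2" '$1 == u { print $7; f = 1 } END { exit !f }' "$1"
}

shell_listed() { # $1=shells file  $2=shell -> true if listed as a whole line
    grep -Fxq -- "$2" "$1"
}

pam_service() {  # $1=vsftpd.conf -> configured PAM service (vsftpd default: ftp)
    v=$(sed -n 's/^pam_service_name=//p' "$1" | tail -n 1)
    echo "${v:-ftp}"
}

# Prints one verdict. $1=passwd $2=shells $3=vsftpd.conf $4=pam.d dir $5=user
diagnose() {
    sh=$(user_shell "$1" "$5") || { echo "no-such-user"; return 0; }
    sh=${sh:-/bin/sh}                      # empty shell field means /bin/sh
    svc=$(pam_service "$3")
    if [ ! -f "$4/$svc" ]; then            # PAM then falls back to "other"
        echo "pam-service-missing:$svc"
    elif grep -Eq '^[^#]*pam_shells\.so' "$4/$svc" && ! shell_listed "$2" "$sh"; then
        echo "shell-not-listed:$sh"
    else
        echo "ok"
    fi
}

# Constructed sample files (the passwd line is the answer's own example).
d=$(mktemp -d)
mkdir "$d/pam.d"
echo 'ttr:x:501:501::/home/username/ttr:/sbin/nologin' > "$d/passwd"
printf '# /etc/shells\n/bin/sh\n/bin/bash\n' > "$d/shells"
echo 'auth required pam_shells.so' > "$d/pam.d/vsftpd"   # assumed PAM stack
echo 'pam_service_name=vsftpd' > "$d/vsftpd.conf"

diagnose "$d/passwd" "$d/shells" "$d/vsftpd.conf" "$d/pam.d" ttr
echo /sbin/nologin >> "$d/shells"                # the answer's first fix
diagnose "$d/passwd" "$d/shells" "$d/vsftpd.conf" "$d/pam.d" ttr
echo 'pam_service_name=ftp' > "$d/vsftpd.conf"   # the answer's second change
diagnose "$d/passwd" "$d/shells" "$d/vsftpd.conf" "$d/pam.d" ttr
```

On a real system, pass /etc/passwd, /etc/shells, /etc/vsftpd.conf and /etc/pam.d. A "pam-service-missing" verdict means logins are being authenticated by a different PAM stack than the one shipped for vsftpd, which is the effect the last comment describes.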
