2

I have a system which was designed for use by root only and I want to run an FTP server on it. The software I use handles authentication by using same username and password as OS itself. To me it looks safer to have another user for FTP data transfer and another which would just run FTP server.

So here's my problem: As I've said, system was designed to be used only by root and there's no useradd or anything similar, as far as I can see. Is it possible to add user by hand?

I'm running OpenWRT Backfire 10.03.1-rc4, if it matters, but generic answers would be best.

Improve this question

1 Answer 1

Reset to default
5

Very roughly:

# cp /etc/passwd /etc/passwd.bak # just in case you e.g. forget one of the >s
# echo 'ftpuser:x:1000:1000:ftp user:/home/ftpuser:/bin/sh' >>/etc/passwd
# cp /etc/shadow /etc/shadow.bak
# echo 'ftpuser:x:15020:0:99999:7:::' >>/etc/shadow
# cp /etc/group /etc/group.bak
# echo 'ftpuser:x:1000:' >>/etc/group
# cp /etc/gshadow /etc/gshadow.bak
# echo 'ftpuser:x:1000:' >>/etc/gshadow
# passwd ftpuser
# mkdir /home/ftpuser
# chown ftpuser:ftpuser /home/ftpuser

You should of course make sure the username, user id, and group id are available. Also, unless the account needs shell access for some reason, set the shell to something like /bin/false or /sbin/nologin (if the latter is available).

Improve this answer
6
  • Downvoted for suggesting /bin/sh as a shell for a ftp-only user. Use /bin/false or something similar to make sure the FTP user can't get shell access, or better yet, set up scponly in a chroot (see [sublimation.org/scponly/wiki/index.php/Install] for instructions) Commented Mar 5, 2011 at 7:19
  • Note that he wants both a sending user and a server user. The former may well be a shell account. Commented Mar 5, 2011 at 7:21
  • Good point, but I'm kind of worried about the fact that he's trying to add a server user to a distro that's apparently specifically built /not/ to have them... Commented Mar 5, 2011 at 8:54
  • It's not a distribution per se; he's doing this on a router running the OpenWRT firmware, which is something of an advanced usage but well within the kinds of things people do with OpenWRT. Commented Mar 5, 2011 at 10:31
  • What if I want to add the user to more than 1 group? Commented May 4, 2015 at 12:50

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.