Rackspace Cloud Essentials - Configure a user in vsftpd for CentOS
Previous section: Rackspace Cloud Essentials - Install vsftpd for CentOS
This article describes how to create system users in vstfpd and
chroot them (isolate or “jail” them to their home directory) if necessary.
Add a system user
Create a new user for FTP access in vsftpd by creating a new valid Linux system user with the following commands:
useradd test passwd test
Disable SSH access for FTP users
The default user creation script gives a user the
which can be a little too powerful. If you don’t want your users
to log in to your server via SSH, you can block this access. When you
change the shell to
/bin/false, the users can log in only
via FTP or mail if you have that set up.
Modify the user access with the following command:
usermod -s /sbin/nologin test
Chroot a user
Now you can configure vsftpd to be able to
chroot (commonly referred to as
jailing) users to their home directories for security and privacy. When you
chroot users, they can’t move up a level in the directory structure after they
With vsftpd, you can chroot a user by editing the following in the
chroot_local_user=YES chroot_list_enable=YES chroot_list_file=/etc/vsftpd/vsftpd.chroot_list
You must create a vsftp.chroot_list file and enter users who do not
chroot. Every user uses
chroot by default. Therefore, create a chroot_list file,
even if the file is going to remain empty:
After the file is created and you have set up your chroot_list, restart vsftpd with the following command:
service vsftpd restart
Continue the conversation in the Rackspace Community.
©2016 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License