Problem solve Get help with specific problems with your technologies, process and projects.

Restricting user access to home directories

Security expert James Turnbull describes how to restrict user access to home directories through the use of the "chroot" command.

I am using Fedora Core 1.0 on my Web server and have installed VSFTPD on it. If I create an account and give it a home directory, (i.e./var/www/test) and try to access FTP with this account, it goes into the directory /var/www/test. However, if after logging into FTP I press the "back" button, it takes me to /var/www folder where the user can see all of the data. How do I restrict the user to access their home directories only?
In order to lock a user into their home directory, you need to look at vsftpd's chroot functionality. You need to edit the /etc/vsftpd/vsftpd.conf configuration file and change chroot_list_enable option to "yes." Then, specify a file called /etc/vsftpd.chroot and add all the users you wish to chroot to this file.

Or, if you wish all users to be chroot'ed, then you can set the chroot_local_user option to "yes." Chrooting an FTP server can be complicated and have some serious security implications. I recommend you read the vsftpd.conf man page carefully.

Dig Deeper on Linux servers

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.