user
------
1. mkdir /var/www/mydomain.com
2. mkdir /var/www/mydomain.com/html
3. useradd <-username>
4. passwd <-username>
5. chown –R <-username> /var/www/mydomain.com
chown –R u1 /var/www/mydomain.com
5. groupadd <-groupname>
6. gpasswd -a <-username> <-groupname>
7. chgrp -R <-groupname> /var/www/mydomain.com
chgrp -R u1 /var/www/mydomain.com
8. chmod -R g+rw /var/www/mydomain.com
chmod -R g+rw /var/www/mydomain.com
chmod -R 755 /var/www/mydomain.com
create FTP user with specific directory access
# vi /etc/vsftpd/vsftpd.conf
chroot_local_user=YES
# mkdir /var/ftp_home
]# useradd u1
]# passwd u1
Change ownership for the directory and set it up as it default home directory
]# chown u1:u1 /var/ftp_home
# usermod -d /var/ftp_home/ u1 # [target-directory username]
Change FTP users shells to nologin if you want to only perform ftp operation. This makes user to unable to logon to server via ssh or telnet
# usermod -s /sbin/nologin u1
Configure Different FTP User Home Directories
12. Open the vsftpd configuration file again and start by commenting the unsecure option below:
#allow_writeable_chroot=YES
Then create the alternative local root directory for the user (ravi, yours is probably different) and remove write permissions to all users to this directory:
# mkdir /home/ravi/ftp # chown nobody:nobody /home/ravi/ftp # chmod a-w /home/ravi/ftp
13. Next, create a directory under the local root where the user will store his/her files:
# mkdir /home/ravi/ftp/files # chown ravi:ravi /home/ravi/ftp/files # chmod 0700 /home/ravi/ftp/files/
Then add/modify the following options in the vsftpd config file with these values:
user_sub_token=$USER # inserts the username in the local root directory local_root=/home/$USER/ftp # defines any users local root directory
Save the file and close it. Once again, let’s restart the service with the new settings:
# systemctl restart vsftpd
14. Now do a final test again and see that the users local root directory is the FTP directory we created in his home directory.
# ftp 192.168.56.10 Connected to 192.168.56.10 (192.168.56.10). 220 Welcome to TecMint.com FTP service. Name (192.168.56.10:root) : ravi 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls
----------X-------------
Creating an FTP User
To test our FTP server we will create a new user.
If you already have a user which you want to grant FTP access skip the 1st step.
If you set allow_writeable_chroot=YES in your configuration file skip the 3rd step.
Create a new user named newftpuser:
sudo adduser newftpuser
Next, you’ll need to set the user password:
sudo passwd newftpuser
Add the user to the allowed FTP users list:
echo "newftpuser" | sudo tee -a /etc/vsftpd/user_list
Create the FTP directory tree and set the correct permissions:
mkdir -p /home/newftpuser/ftp/upload
chmod 550 /home/newftpuser/ftp
chmod 750 /home/newftpuser/ftp/upload
chown -R newftpuser: /home/newftpuser/ftp
As discussed in the previous section the user will be able to upload its files to the ftp/upload directory.
---------X-----------
-----