VSFTP chroot jail users – Limit FTP users access to home directory

01. February 2017 CentOS, RHEL, SysAdmin 0
VSFTP chroot jail users – Limit FTP users access to home directory

Lets see how we can configure a secure FTP server on CentOS  RHEL 6 / 7

First, you need to install the vsftp package on your server

yum install -y vsftpd

Once installed, lets start editing the configuration file,
vim /etc/vsftpd/vsftpd.conf

Line #12 disable anonymous FTP access, with the below configuration change.
anonymous_enable=NO

Chroot / Jail FTP users to their home directory

by default, any FTP user can login and access the entire files on the systems including /etc which is extremely dangerous.

Line #100 , enable the below setting.
[sociallocker]chroot_local_user=YES
also add the below new setting to the vsftpd.conf file
allow_writeable_chroot=YES[/sociallocker]

Now, Start the service and enable the service on boot.

systemctl restart vsftpd
systemctl enable vsftpd

Now the FTP users will be able to login and access their home directory only.

Leave a Reply

Your email address will not be published. Required fields are marked *