Restrict FTP access to a single directory for only one user. - UNIX for Advanced & Expert Users

santhoshkumar_d · #1 (**permalink**) 05-23-2008

Hi All,

It will be very great if you can help me in this issue. Thanks in advance.

I need to enable FTP on a solaris9 server. I need to create a new user some "xxxxxx" and he can only FTP the files to and from between /tftpboot directory and network devices. Other users should not FTP the files from /tftpboot directory.

Please give me your valuable information in solving this issue ASAP.

Thanks,
santhosh

nua7 · #2 (**permalink**) 05-23-2008

Look out for the account option of ftp..

This is what the man pages say..

Code:

account [passwd]
	      Supply a supplemental password required by a remote  system  for
	      access  to  resources  once  a  login has been successfully com-
	      pleted.  If no argument is included, the user will  be  prompted
	      for an account password in a non-echoing input mode.

Hope this is what you are looking for..

If you don;t want to to it this way, maybe create a new group on the target machine and add the user (only) to that group.
Give proper permissions to the directory from where you want to copy files for that group only.

Thanks!
nua7

incredible · #3 (**permalink**) 05-23-2008

deny ftp access to users by placing their id into the /etc/ftpd/ftpusers file. Btw, you can check the FTP services enabled in the /etc/inet/services file

arjunreddy3 · #4 (**permalink**) 05-23-2008

just u denied ftp access to users by placing their id into the /etc/ftpd/ftpusers file.
once u check netstat -ae
it will display wether service is on or off.
it is on ok otherwise restart the services.
in sol10 #svcadm enable ftp or sol9 u have to go /etc/init.d
servies are in /etc/services.

santhoshkumar_d · #5 (**permalink**) 05-23-2008

Hi All,

Thanks for your support. But still my issue was not resolved. I will explain you what i need to do exactly.

Basically i have a solaris9 server. In which i have a directory called "/tftpboot/" in which i am storing configuration files of the network devices of some domain(switches/routers).
I will get the configuration backup of those network devices using FTP from my server. while doing FTP i need to restrict the FTP session for a single user and also that specific user can only FTP the configuration files to the directory "/tftpboot/". so others should not initiate a FTP session from my server to the network devices in my domain(only that specific user can initiate FTP session). One more thing is "/tftpboot/" directory will be used by other users who are storing configuration files of other domain network devices.
so now how can i restrict the specific user to do FTP from /tftpboot/ to the devices.
Please help me in this.

thanks,
santhosh

santhoshkumar_d · #6 (**permalink**) 05-23-2008

sorry to confuse you all.....

other users also should not initiate FTP session from /tftpboot directory..means other users should not put the files into /tftpboot directory using FTP... let them take the opportunity of transferring the files using scp or sftp or tftp but not through FTP..

nua7 · #7 (**permalink**) 05-23-2008

If I copied you right...
How about giving special permissions to the directory.. Even if the users try to ftp, they won;t be able to copy files..

That should solve the problem right...

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
How to give FTP access to a single user	santhoshkumar_d	UNIX for Advanced & Expert Users	2	06-16-2008 07:43 AM
Restrict user access to their home dir	rdns	UNIX for Dummies Questions & Answers	10	05-26-2008 07:28 AM
restrict access of a user to two directories only	vikas027	Linux	10	05-03-2008 07:26 AM
How to restrict a user group to access the kernel	harishankar	HP-UX	0	08-08-2007 11:09 PM

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode