FTPs users

Discussion in 'Installation/Configuration' started by Alex42, Mar 23, 2017.

  1. Alex42

    Alex42 New Member

    Hello,

    Firstly my apologise for my english.
    I m a french guy.
    If i want to used FTPs accounts for one client.
    can i use The shell USER?
    Because i try! all is ok! but the user can read or seen all of parts in the server... he's not blocked on his home or website path...
    Do you have some idea for my problem?
    If i use jailkit, the conection doesnt work.
    MY ISPConfig : 3.1.2
    Sytem: Debian Jessie

    TKx
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    I guess you mix up FTPS and SFTP. FTPS (FTP over SSL / TLS) is FTP and requires an FTP user while SFTP is SSH and requires an SSH user.

    So if you want to have secure FTP connections easily, then switch your FTP program to FTPS mode instead of SFTP mode.
     
  3. Alex42

    Alex42 New Member

    Oh yes!
    Excuse me.
    My question was SFTP... oops :rolleyes:
    My connection with winscp work, But i need the client stay on his folder.
    Now he have all the visibility with the others clients ...
    I want stay with ISPconfig/ is why i use the function "User shell " on ISPConfig
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    WinSCP support FTPS as well. Select as connection type "FTP" and then choose "TLS / SSL" as encryption method. This way you can use an FTP user and not SSH user in a secure way and you stay in that directory.
     
  5. Alex42

    Alex42 New Member

    Hello
    this method work but:
    The connection dont open the good directory... i need, the user connect on the root of his website.
    And if the client try with SSH , the connection work too... but he still have the visibility on all the server...

    What is the good operation i need to make.

    Create a Shell User? and? modify the home directory? (on my isp he directory is on the good way.. /var/www/clients/client3/web7)
    If i activated Jaikit, doesn't work..
    Excuse me but i'm not good with Linux ... :(
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    The directory is configurable on the options tab of the FTP user and the user is limited to the website. So this option provides everything that you requested, a secure Login with WinSCP to the site.

    A non-jailed SSH user can always see the whole server.

    This won't help you at all as shell users without jail are not limited to any directory.

    Jailkit works for SSH logins only, not SFTP. If you want to use jailkit for SCP, then you will have to reconfigure so that the jail contains all programs that are needed for scp. But I won't do that as there is a better and secure method that I described at the beginning.
     

Share This Page