Join Log in
Score:0
Marcos Senna avatar Server

Create a user and give him access to a specific website in Ubuntu (Digitalocean+Serverpilot)

US flag
Marcos Senna

I'm a little newbie in programming and I would like to ask for help in this forum, because I've already searched in several places and I couldn't find it.

I have an Ubuntu server on Digitalocean with serverpilot installed. My only user created there is "serverpilot" But a programmer asked for access to a site that I have installed on this server. There he will program a template and make some modifications to the database, and as I didn't want to give the "serverpilot" user login, I asked him for some time to create a specific FTP user just for him to access this site (its folders and subfolders) . I've been researching how to do this, I've tested some tutorials, but I'm still stuck.

I managed to install vsftpd and then I started to curl up.

I want this new ftp user to have access only to a specific site that is in the directory "/srv/users/serverpilot/apps/cronegame2/public" , and with that he can access its folders, subfolders, database and be able to modify them ,nothing more than this. And that he can log in only through port 21 so he can't access ROOT.

Please help me to achieve this.

187
1 + 2
vidarlo avatar
ar flag
vidarlo
First of all, the fact that you installed *FTP* to secure your system is *crazy*. FTP doesn't employ encryption and is a kludge. Do not ever use it. Second, we do not support web control panels, because they're generally non-standard. Check the manual for what you attempt to do.
2
Reply
Nikita Kipriyanov avatar
za flag
Nikita Kipriyanov
The secure way to do this would be something called **SFTP** which has nothing to do with FTP, it is a subsystem of SSH and it is therefore very secure, can use key-based authentication (stronger than password-based). Search site on how to create *SFTP-only user in Ubuntu with chroot* (it'll chroot into the directory where you want to give an access, and it will not let a shell access).
0
Reply
Score:0
에이바 avatar Server
cn flag
에이바

To make an FTP user with limited access to a specific website directory, you can follow these steps:

Create new user for FTP access:

sudo adduser ftpuser

Set a password for the new user.

Create a new group for FTP access:

sudo groupadd ftpaccess

Add the FTP user to the new group:

sudo usermod -aG ftpaccess ftpuser

Change the ownership of the website directory to the new grouup:

sudo chown -R serverpilot:ftpaccess /srv/users/serverpilot/apps/cronegame2/public

Change the permissions of the website directory to allow the new group to read, write, and execute:

sudo chmod -R g+rwx /srv/users/serverpilot/apps/cronegame2/public

Configure vsftpd to allow access only to the specific directory and restrict access to the root directory:

Edit the /etc/vsftpd.conf file and add the following lines at the end:

# Allow access only to the specific directory
chroot_local_user=YES
local_root=/srv/users/serverpilot/apps/cronegame2/public

# Restrict access to the root directory
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd.allowed_users

Finally create the /etc/vsftpd.allowed_users file and add the FTP user to it:

sudo sh -c "echo 'ftpuser' >> /etc/vsftpd.allowed_users
+ 2
Marcos Senna avatar
md
Marcos Senna
Hello, thanks for the help. I followed these steps, I did everything correctly, but when logging in, he only logs in through port 22 and thus has access to the root of the server. How do I make it have access only to port 21, and when logging in, it is redirected directly to the root folder of the site directory?
0
Reply
에이바 avatar
cn flag
에이바
I'm not sure I understand because it sounds like he is just logging in with SSH and not even using vsftp?
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.