FTP
From apnsGuide
Contents |
Usage
Logging In
Your FTP login, as like with e-mail and SSH access, is of the form user@domain. Alternatively, if your FTP client has difficulties with using @ in the login, then it may be switched out with #. Either way both the username and domain are necessary to login to the FTP server. The FTP host name is simply your domain name. Welcome e-mails list the server name to help you get started with accessing your site before DNS updates.
Jailing Users
An individual user may be jailed to his or her home directory by editing /etc/vsftpd.chroot_list. The full login must be provided such as msaladna@apisnetworks.com. Upon logging in, the user will be jailed to the home directory (default is /home/user/) or if a per-user override is present, then the value defined by the directive local_root.
Jailing a user restricts the user from ascending up the directory tree. In a hypothetical example if the main account holder (we will say msaladna) were jailed, then because the document root /var/www/html/ resides outside /home/msaladna/, then access would be forbidden. /home/msaladna/ is seen by the user as /. Even though mainwebsite_html/ may be present, it is a symbolic link to /var/www/html/, which is outside the jailed tree.
Important: Ensure that you are using Unix-style end-of-line markers for the vsftpd.chroot_list. If you are unsure, after adding or removing a user, visit the File_Manager and click on the icon to the left of /etc/vsftpd.chroot_list to bring up its properties. Click on the "Windows -> Unix" button in the end-of-line conversion utility. Users will not be jailed correctly if Windows-style EOL markers are used (\r\n).
Defining Per-User Configuration
Special configuration directives may be setup on a per-user basis. Configuration is stored in a file called user@domain in /etc/vsftpd/. By default the file does not exist for users. The most popular configuration directive to include is local_root to assign a different jailed path to a user. To jail a user to a particular directory outside his home directory, the following configuration may be used:
local_root=/var/www/html/foobar/
Questions
Are any encrypted forms of login supported?
Yes, you may use AUTH TLS over port 21.
