FTP access is one of the most common requirements. I wanted to set it up so that I could:
Restrict FTP accounts to certain folders and not let them roam around the entire directory structure.
Make sure that files that were being uploaded through FTP were being assigned the appropriate permissions -- in my case -rwxr-xr-x (If you don't know what this is, check out this post on groups and permissions).
Have the ability to have a master FTP account which is allowed to browse all folders.
I decided to go with vsftpd for a couple of reasons. The biggest of course being that my friend Nestea recommended it. That pretty much holds enough weight to justify the selection right there, but it was also the most recommended one at trusted sources such as /r/linux and Serverfault.
To install, simply execute:
sudo apt-get install vsftpd
Before we move on to configuration, always make a backup copy of the original config:
sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.original
Now edit the /etc/vsftpd.conf file to customize the following:
2) Disable anonymous login, enable local users to log in and give them write permissions:
# No anonymous login
anonymous_enable=NO
# Let local users login
# If you connect from the internet with local users, you should enable TLS/SSL/FTPS
local_enable=YES
# Write permissions
write_enable=YES
3) Restrict all users to their home directory, unless specified otherwise in the list:
# Just some users are "free":
chroot_local_user=YES
chroot_list_enable=YES
# Create the file /etc/vsftpd.chroot_list with a list of the "free" users.
4) Create a group for FTP logins and a user account with access to a particular directory:
sudo groupadd FTPLogins
sudo useradd -d /var/www/mydomain.com/public_html -g FTPLogins FTPJim
This creates an account with the username FTPJim and adds it to the group FTPLogins. FTPJim will be restricted to the root of mydomain.com and its subfolders.
5) Assign the permissions that files uploaded via FTP will have:
When a file is uploaded, by default it will contain the permissions "-rw-------" which of course is no good for us. So in order to rectify this, we once again edit our /etc/vsftpd.conf file and make the following modifications:
file_open_mode=0644
local_umask=022
You can adjust the values (use octal notation), but these settings give uploaded files the permissions -rw-r--r--, which is a start.
6) Apply configurations and go!
sudo /etc/init.d/vsftpd restart
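
To check the result before relying on it, here is an added example (not part of the original post, and not vsftpd's own code) that parses the settings from steps 2, 3 and 5 and reports the permissions an upload will get, which users are jailed, and whether local logins run without TLS. It goes a little beyond the post by filling in vsftpd's built-in defaults and its rule that a number is octal only when it starts with 0. The function names and the "master" account are assumptions made for the example.

```python
import stat

# vsftpd's built-in defaults (vsftpd.conf(5)) for the options this page touches.
DEFAULTS = {"anonymous_enable": "YES", "local_enable": "NO", "ssl_enable": "NO",
            "chroot_local_user": "NO", "chroot_list_enable": "NO",
            "file_open_mode": "0666", "local_umask": "077"}

def parse_conf(text):
    """Parse option=value lines; '#' lines are comments and later lines win."""
    conf = dict(DEFAULTS)
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key] = value
    return conf

def to_int(value):
    """vsftpd reads a number as octal only when it starts with '0'."""
    return int(value, 8) if value.startswith("0") else int(value, 10)

def upload_mode(conf):
    """Mode string of a local user's upload: file_open_mode & ~local_umask."""
    bits = to_int(conf["file_open_mode"]) & ~to_int(conf["local_umask"]) & 0o777
    return stat.filemode(stat.S_IFREG | bits)

def is_chrooted(conf, user, chroot_list):
    """With chroot_local_user=YES the list names the users who are NOT jailed."""
    jailed = conf["chroot_local_user"] == "YES"
    if conf["chroot_list_enable"] == "YES" and user in chroot_list:
        return not jailed
    return jailed

def findings(conf):
    out = []
    if conf["anonymous_enable"] == "YES":
        out.append("anonymous login enabled")
    if conf["local_enable"] == "YES" and conf["ssl_enable"] != "YES":
        out.append("local logins without TLS (ssl_enable)")
    if upload_mode(conf)[8] == "w":
        out.append("uploads are world-writable")
    return out

# Constructed sample: the settings from this page ("master" below is hypothetical).
SAMPLE = ("anonymous_enable=NO\nlocal_enable=YES\nchroot_local_user=YES\n"
          "chroot_list_enable=YES\nfile_open_mode=0644\nlocal_umask=022\n")

if __name__ == "__main__":
    conf = parse_conf(SAMPLE)
    print(upload_mode(conf), findings(conf), is_chrooted(conf, "master", {"master"}))
```

Writing local_umask=22 without the leading 0 is read as decimal 22 (octal 026), so the same file_open_mode would produce -rw-r----- instead of -rw-r--r--.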