FTP Server for individual client spaces

Jonathan McKeown j.mckeown at ru.ac.za
Fri Jul 10 14:27:21 UTC 2009

On Friday 10 July 2009 16:10:24 RS Wood wrote:
> I run a small engineering company* that exchanges large files (CAD,
> etc.) with clients, and I want to keep the docs off my email server by
> setting up a stand alone FTP server where each client can upload and
> download its relevant files.  As such, my own users/employees should be
> able to reach every client’s FTP space but each client should only be
> able to reach his own.  As my users finish a doc, they place it in that
> client’s FTP directory and the client can log in and get it.  As such,
> I don’t want any form of unauthenticated FTP.
> Is the solution ftpchroot?  If so, it’s not clear how I can chroot
> each potential client into his own directory, as my understanding is
> that all chrooted users wind up at the same place (like /var/ftp/pub).
> Or is the solution that each client gets access to his own home
> directory; if so, how do I ensure my staff has access to each client’s
> home directory?

I haven't tried this, but man ftpd.conf suggests something along the lines of:

chroot chroot /some/path/%u

where the second chroot is the ftp class, and %u will be expanded to the 
username. Make sure all your external users are in ftp class chroot (by 
putting their usernames in /etc/ftpchroot), and make /some/path group-owned 
and group-readable by a group all your staff are in (the group ownership of a 
directory automatically propagates to new directories created below it).

Let us know how it goes!


More information about the freebsd-questions mailing list