Jenny_Hopkins@toby-churchill.com wrote:
Hi, I'm setting up an ftp server that I wanted to run in a chroot jail. I've created /home/ftp and created the basic etc, bin, lib, pub, dev, usr directory structure with the necessary files and correct permissions on them. Now what I'm unsure of is how I tell ftp that is where it has to run from. Do I need to modify the inetd.conf line ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.ftpd to something like ftp stream tcp nowait root /usr/sbin/tcpd /home/ftp/usr/sbin/in.ftpd Then create the sbin directory in /home/ftp/usr and copy in the in.ftpd program? Or do I leave inetd.conf as it is and create a wrapper script. If anyone has any experience of setting ftp up in a chroot jail, I'd be grateful of any pointers to web sites, or hints..the info I've found is always somehow missing parts I need to know. Thanks, Jenny.
Jenny,
When I first did this, I used wu-ftpd because it offered the easiest path the a chroot jail. The documentation is in the wuftpd web site, and pretty easy to follow.
Now we use vsftpd which offers a chroot by default, and appears to be the simplest, fastest, most secure ftp there is. I have NO doubt at all that others will disagree! It does have a simple set of features, but that, IMO, is an advantage.
Cheers, Laurie.