Tag

chroot jail

Add jail shelled FTP/SSH user on CentOS / Plesk

By | Interest, Linux | 4 Comments

The process of adding a new FTP user with SSH access to a Plesk / CentOS server is more difficult than it needs to be.  Plesk will only allow you to add WebUsers to your domains which have FTP accounts, not full SSH accounts.  Here is the quick and dirty. We want our new user to be in chroot jail and to inherit the same permissions as another user on the system.  The user will be restricted to the top level directory you define (for example httpdocs in this case).

Login as Root:

1.  [raw]cat /etc/passwd/ | grep ‘anyusername'[/raw]

This will return:

[cci]anyusername:x:10009:2524::/var/www/vhosts/anydomain.com:/bin/bash[/cci]

The first set of numbers after “:x:” is the UID or User Identifier.  We will use this in the next command to copy the same permissions.

2.[raw]useradd -u 10009 -o -d /var/www/vhosts/anydomain.com/httpdocs/ -g psaserv -s /usr/local/psa/bin/chrootsh newusername[/raw]

Replace “anydomain.com” with your domain, and “newusername” with the new user you would like to add.

3.[raw]passwd newusername[/raw]

Gives the user a password.

4. [raw]usermod -s /bin/bash newusername[/raw]

Boom! Done.

Extras:
For an in-depth discussion on working with rssh, chroot, and users – see UnixCraft