Filzilla user can navigate to root of freenas

[SimDuck]

Hello,

I'm trying to set up user home accounts and group share accounts.

I can successfully setup a restricted FTP using SSH home share. When I open in SFTPNetDrive, I can lock the share to their home directory and the user can't navigate up the tree to root (and see the bin, etc, var folders).

When I connect using FileZilla, the user is connected to their home directory but they are able to navigate up the tree to root and across the directories to other user's directories.

Is there a way to stop the up navigation in FileZilla?

Thanks
:)

 

[Bever]

When you use SFTPNetDrive, you don't use FTP, but SSH. When you use FileZilla, you do use FTP. So make sure you enabled "Always Chroot" in the FTP settings.

 

[SimDuck]

Hi Bever

Thanks for suggestion.

I do have "Always Chroot" ticked in the FTP service settings. In Filezilla, if I connect to port 22 using user name & password, I connect to /. If I connect to port 21 with same user & password, Filezilla can't connect.

So I'm doing something Noob-ily wrong.

Slightly off topic, if a user can navigate to and from / to different system paths, can they do damage to system files?

Thanks
:)

 

[Bever]

If you connect to 22, you are actually using scp, not ftp. If you can't connect to 21 (ftp), then maybe you didn't start the daemon? Can you connect from within an ssh session using ftp localhost?

If a user can browse to /, he can't do any real damage as long as you didn't provide him any special user rights. System files are not accessible by non-root user by default.