Limit access (s)FTP

Status
Not open for further replies.

Scareh

Contributor
Joined
Jul 31, 2012
Messages
182
Hiya,

The goal: give a user a specific "folder" on the NAS that he can enter through FTP but not leave for other folders/disks, only that one folder, sort of a "home folder".

FreeNAS version used:
Build FreeNAS-8.3.0-RELEASE-x86 (r12701M)

Things I did so far:
I created a dataset to use as a home directory:
http://img23.imageshack.us/img23/2600/dataset.jpg

Created a user with the home directory set to the ZFS dataset I created earlier:
http://img94.imageshack.us/img94/7594/usero.jpg

Next I activated FTP, with the options "always chroot" and "enable ssl/tls" turned on.
"Allow Root Login" and "Allow Anonymous Login" were turned off.
SSH was also activated.

When I use WinSCP to connect through SFTP (using the port opened for SSH) to the server using the michlimit account, the screen opens on the folder I want the user to access, but I’m able to go higher up to the other folders.
However, when I use WinSCP with FTP and TLS explicit encryption (and the port for FTP), I’m not allowed to leave the home folder I set up for the user.

Using FileZilla, another FTP client, a normal connection fails because it requires SSL/TLS encryption.
So I open it using sftp://ip-adres (SSH port) and again I’m able to go up to other folders.

So in short I’m at a loss why it works on one and not on the other. I want the connection going through secure channels (obviously) and I want to limit my users to specific folders (even if that means creating lots of datasets for each specific user).
What did I configure wrong/badly? Ask for more screenshots if you need 'em ^^
 

Scareh

Contributor
Joined
Jul 31, 2012
Messages
182
Found the problem:

I was not updating my rights on the disk where the dataset was made. So I had all rights on the disk and limited rights on the dataset.
Which wasn't my intention ofc ^^

Thanks already for the views
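
Added example (not part of the thread): SFTP sessions go through sshd, so the FTP service's chroot option does not confine them, and what the user can browse is decided by filesystem permissions on the directories above the home dataset. The script below walks up from a home directory to the volume root and reports every ancestor that users outside its owner and group can list or write, which is the condition described in the post above. The path `/mnt/tank` in the usage comment is a hypothetical volume mount point.

```shell
#!/bin/sh
# Added example; function names and /mnt/tank are assumptions, not FreeNAS tooling.
# Usage: loose_ancestors /mnt/tank/michlimit /mnt/tank

# other_bits DIR -> the three "other" permission characters of DIR, e.g. "r-x".
# Parsed from `ls -ld` so it behaves the same on FreeBSD and Linux.
other_bits() {
    ls -ld -- "$1" | cut -c8-10
}

# loose_ancestors HOME TOP
# Walks from the parent of HOME up to TOP (inclusive) and prints
# "<bits> <dir>" for each directory whose "other" bits grant read (list)
# or write. Traverse-only (--x) is not reported: the user needs it to
# reach HOME but cannot list the directory's contents with it.
loose_ancestors() {
    dir=$(dirname -- "$1")
    top=${2%/}
    [ -n "$top" ] || top=/
    while :; do
        bits=$(other_bits "$dir")
        case $bits in
            *r*|*w*) printf '%s %s\n' "$bits" "$dir" ;;
        esac
        # Stop once the volume root (or the filesystem root) has been checked.
        if [ "$dir" = "$top" ] || [ "$dir" = "/" ]; then
            break
        fi
        dir=$(dirname -- "$dir")
    done
}
```

An empty result means no directory between the home folder and the volume root is listable or writable by other users; any line printed names a directory whose permissions need tightening.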
 

ethajn

Dabbler
Joined
Jan 5, 2013
Messages
19
Found the problem:

I was not updating my rights on the disk where the dataset was made. So I had all rights on the disk and limited rights on the dataset.
Which wasn't my intention ofc ^^

Thanks already for the views

I have been trying to do the same thing - limit SFTP access to a user's home directory. I've been trying to do this in a bunch of different ways and none have worked so far. I have tried the methods listed in the documentation for chrooting SSH users, but no success. The twist is that I'm not using ZFS (32-bit system, not enough RAM. I know, I know. It's on my wish list.) Can it be done with UFS?
 