Plesk Multiple FTP Accounts Per Domain

May 27, 2008


Plesk on Media Temple’s (dv) server doesn’t allow you to create multiple FTP accounts per domain. For instance, I want to create domain.com/my/folder as a FTP account. They are building this functionality into Plesk 9, but until then you have to do a little command line work.


Plesk allows you to create multiple FTP accounts per domain with the command line. Basically you do the following:



/usr/sbin/useradd -d /your_domain/some/location -s /bin/false USER_NAME 

/usr/sbin/usermod -G psacln USER_NAME 

chmod 755 $HTTPD_VHOSTS_D/your_domain/some/location 

chown USER_NAME:psacln $HTTPD_VHOSTS_D/your_domain/some/location 

chmod 751 $HTTPD_VHOSTS_D/your_domain/httpdocs 

passwd USER_NAME

The article I linked to above goes into more detail on each command. However they left out one key command at the end. “passwd” allows you to set the user’s password. Voila, multiple accounts per domain!

19 comments

#1. aimClear on May 27, 2008

Thanks for the insight Marc.

#2. brian on June 14, 2008

Good info, I’m using their grid, can you speak to the service you have received from their DV box?

#3. Marc on June 16, 2008

Their DV box has been perfect to learn the ins and outs of server administration. Every time I’ve contacted Media Temple they have given me an answer promptly. I am very happy with their service.

#4. Federico on January 16, 2009

Plesk sucks, I’m paying a licence and if I want to add an additional ftp account y have to use the command line..
Try ISP-config..

#5. Simplesurfer on April 14, 2009

aloha… it would be super valuable if you could tell us what values to sub out….

your_domain/some/location = location to exactly where (where we want the ftp user to have access to?)
USER_NAME = the new user name ? the old user name? a plesk created name?
/your_domain/some/location = new location? same location?
/your_domain/some/location = (same as above)
passwd USER_NAME = this would make a username with the password username? can we change this ?

Thanks a lot for your post, im going to give this a shot later…yahoo

#6. Dan on April 22, 2009

Just a note, on my server I have to set the password for the user before I chown the dir, otherwise it chowns it to the user without a password and won’t let me connect.

So my steps were 1,6,2,3,4,5 using the line numbers above. Give this a try if you follow the steps but are still unable to login with your new user.

#7. mike bosnich on May 23, 2009

Good solution
Thanks

#8. erwin on November 18, 2009

any idea how i can limiting disk space of these new ftp accounts?

#9. electblake on November 23, 2009

Create a user in plesk and then customize its access:

http://updel.com/additional-ftp-plesk/

#10. David Russell on January 18, 2010

After following these steps (in 1,6,2,3,4,5 order, as it seemed necessary) I can log in using the new user account, but the directory that I allowed this user to view (a subdomain) is empty. However, there are plenty of files in this directory already as verified when logging back in with my own account. I am thinking one of these permission setting commands must be the trick for me, but I am at a loss.

Anyone have any ideas?

#11. Marc Grabanski on January 18, 2010

Try resetting the home directory the user sees by running /usr/sbin/usermod -d /subdomain/directory/. Otherwise, I have no idea without trying things myself sorry.

#12. David Russell on January 18, 2010

Thanks, Marc. That didn’t work for me (assuming placing the username at the end of that command was the tweak to specify the user.) Not only did it not show the files in the /httpdocs directory, it also did not seem to change the home directory. The user still sees root, though is limited to following the path I laid out in the user editing.

I’ll keep hunting for a solution. If you have any other ideas, please add them to the mix. I’m not proficient at CLI at all, especially not in server management, so anything helps me out.

#13. David Russell on January 18, 2010

I thought I would follow-up with what worked for me. First and foremost, I am very much a novice at this type of activity. I am only doing this because my host (MT) does not have a more friendly method of managing FTP users. So I have no idea about the security of the following, though it seems fine to me. If anyone more knowledgeable can confirm or deny this, please chime in.

Okay, back to my problem. For some reason, the new user I created was put into a group with the same name as the username. I discovered this by viewing:

cat /etc/group

The last line of this file said:

newuser:x:10008 [the number there may be different for you]\

The space that newuser is in is actually the name of a group.

From there, I renamed the group to something else:

vi /etc/group
then:
i [to INSERT and modify line, changed newuser to newgroup]
ctrl-c
:q [to quit vim]

Then I changed the group of the directory and all subfolders of that directory that I wanted this user to access:

chgrp -hR newgroup /path/to/folder

This worked like a charm for me, but your experience might be different.

#14. Dmitry on April 30, 2010

Here is another way, I found it much more cleaner:

  1. touch /etc/proftpd.authuserfile
  2. edit /etc/proftpd.include and add such line: AuthUserFile /etc/proftpd.authuserfile
  3. just edit proftpd.authuserfile and add record by pattern: username:crypted_pass:uid:gid:gekos:home:shell Mine looks like
    someacc:xhppo.NGU0Fjw:10065:2523::/var/www/vhosts/example.org/private/someacchome:/bin/false

You can generate crypted password by calling openssl passwd -crypt passwordhere from command line.

There are different encryption algorithms, and it may depend on your system which one you should use (-crypt for crypt, -1 for md5, -apr1 for apr). But it looks like -crypt should be working everywhere.

Using this approach you can create “virtual” user that will have same uid/gid as existing one, and eliminate boring permissions problems.

You can take a look at /etc/passwd to find corresponding uid/gid.

And finally, you could use both methods at the same time!

#15. Dacon on May 07, 2010

On our system (Ubuntu 8.04) the correct paths where:

  1. /usr/sbin/useradd -d /var/www/vhosts/your_domain/some/location -s /bin/false USER_NAME
  2. /usr/sbin/usermod -G psacln USER_NAME
  3. chmod 755 /var/www/vhosts/your_domain/some/location
  4. chown USER_NAME:psacln /var/www/vhosts/your_domain/some/location
  5. chmod 751 /var/www/vhosts/your_domain/httpdocs
  6. passwd USER_NAME
#16. Andrew on September 23, 2010

Very insightful! Thanks Marc!

#17. Jake Toolson on October 08, 2010

Thanks for the help with this… got it working in a few minutes after spending an hour or so looking for FTP management in plesk on (mt).

#18. Roke on November 11, 2010

using after the creation of the user the command usermod -G psacln do that the ftp users of that domain cant see his documents if dont get permissions.

Is better to create the user forcing the psacln group, you can do with this:
/usr/sbin/useradd -d location/somefolder -s /bin/false -g psacln username

After that do
chow Userdomain:psacln somefolder
chmod 775 somefolder
With this all ftp users of that domain can see the documents that have the others users but cant change.

Best Regards.
http://www.rokeblog.com

#19. Blake on December 12, 2010

everything makes perfect sense, no issues. my question is, what exactly is this line doing? i get what is happening everywhere else, but why do this line? thanks, i am new to this and just ensuring i am understanding everything.

chmod 751 /var/www/vhosts/your_domain/httpdocs

Leave a comment

Comment in textile images by gravatar