Solved

Setting up VSFTP SERVER

Posted on 2003-11-19
Last Modified: 2010-04-21
I'm trying to set up Very Secure FTP server on my fileserver, mainly so that I can anon transfer, delete and get files on /var/ftp/pub from it locally, but I can't seem to get anon access to be able to write and delete. Could anyone shed some light on how I'd go about doing this? I'm using Redhat 8.0 btw, with the standard VSFTPd package that comes with it.

cheers, Josh
Question by:Jester-
Accepted Solution

by: shivsa (earned 200 total points)

======================
vsftpd Configuration

vsftpd has three configuration files:
/etc/vsftpd.banned_emails -- List of denied anonymous addresses
/etc/vsftpd.chroot_list -- List of local users to chroot
/etc/vsftpd.conf -- General configuration options

To ban a certain anonymous email address such as "mozilla@", simply put it in this file. One address per line.  

To chroot a local user to their home directory, put their username in this file. One username per line. Please note this only matters if you:  

a) are allowing local users to login.  
b) have "chroot_local_user=NO" in /etc/vsftpd.conf  

The configuration options in the vsftpd.conf are commented quite well, so I will not go into much detail here. I will just note a few defaults:  

a) anonymous logins are enabled by default  
b) anonymous users are chrooted to '/home/ftpsecure'  
c) the daemon runs as the user 'ftpsecure'  

Populate the Tree

As the above said, all anonymous users are chrooted to "/home/ftpsecure". This means they will not be able to access any files outside of that directory. You should put all the files you want anonymous ftp users to see in this directory.

Although not necessary, it is recommended that you set up two files:  

/home/ftpsecure/etc/passwd  
/home/ftpsecure/etc/group  

When an anonymous user issues the command "ls", the ftpd will search these files to get the userid to username mappings. If you do not have these files the user will see something like this (note the '0's):

ftp> ls -la  
227 Passive mode engaged (127,0,0,1,30,4)  
150 Here comes the directory listing.  
-rw-r--r-- 1 0 0 0 Apr 13 20:03 that  
-rw-r--r-- 1 0 0 0 Apr 13 20:03 this  
226 Directory send OK.  

As a starting point, you can copy the system /etc/passwd to /home/ftpsecure/etc/passwd and the system /etc/group to /home/ftpsecure/etc/group. After this is done you should remove any users and groups that will not be used in /home/ftpsecure. For example, you will probably want to remove the users 'webd', 'halt', 'sync', etc.  

A sample /home/ftpsecure/etc/passwd would be:

root::0:0:root:/root:/dev/null  
nobody:*:99:99:Nobody:/:  
rwm:x:501:502:Ryan W. Maple:/home/rwm:/dev/null
ben:x:500:502:Ben Thomas:/home/ben:/dev/null  
dave:x:502:502:Dave Wreski:/home/dave:/dev/null
nick:x:503:502:Nick DeClario:/home/nick:/dev/null  
pete:x:504:502:Pete O'Hara:/home/pete:/dev/null  

A sample /home/ftpsecure/etc/group would be:  

root::0:root  
nobody::99:  
gdftp::502:dave,nick,pete,ben,rwm  

Now when a user executes the command "ls", they will see something like this (note what was '0' is now 'root'):  

ftp> ls -la  
227 Passive mode engaged (127,0,0,1,109,222)  
150 Here comes the directory listing.  
drwxr-xr-x 2 root root 4096 Apr 13 20:07 etc  
-rw-r--r-- 1 root root 0 Apr 13 20:03 that  
-rw-r--r-- 1 root root 0 Apr 13 20:03 this  
226 Directory send OK.
==============

Thanks to paullamhkg for compiling instruction step by step.
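
Added example (not part of shivsa's answer and not vsftpd's own tooling): one way to do the "copy, then remove unused users and groups" step with an allowlist, masking the password field and shell because the copies sit inside the anonymous tree. The function names, allowlists and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Build trimmed passwd/group content for the anonymous chroot.

# Constructed sample standing in for the system /etc/passwd.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
sync:x:5:0:sync:/sbin:/bin/sync
halt:x:7:0:halt:/sbin:/sbin/halt
nobody:x:99:99:Nobody:/:/sbin/nologin
dave:CONSTRUCTED-HASH:502:502:Dave Wreski:/home/dave:/bin/bash
EOF
}

# filter_passwd "user1 user2 ..." < passwd-format input
# Keeps allowlisted accounts only, masks field 2, sets the shell to /dev/null.
filter_passwd() {
    awk -F: -v OFS=: -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) keep[a[i]] = 1 }
        NF == 7 && ($1 in keep) { $2 = "*"; $7 = "/dev/null"; print }
    '
}

# filter_group "user1 user2 ..." "group1 group2 ..." < group-format input
# Keeps allowlisted groups only and drops members that are not allowlisted.
filter_group() {
    awk -F: -v OFS=: -v users="$1" -v groups="$2" '
        BEGIN {
            n = split(users, u, " ");  for (i = 1; i <= n; i++) ku[u[i]] = 1
            n = split(groups, g, " "); for (i = 1; i <= n; i++) kg[g[i]] = 1
        }
        NF == 4 && ($1 in kg) {
            m = split($4, mem, ","); out = ""
            for (i = 1; i <= m; i++)
                if (mem[i] in ku) out = (out == "" ? mem[i] : out "," mem[i])
            $2 = "*"; $4 = out; print
        }
    '
}

# Demo on the constructed input; on a real host, read /etc/passwd and
# /etc/group and write the results to /home/ftpsecure/etc/ instead.
sample_passwd | filter_passwd "root nobody dave"
printf 'gdftp:x:502:dave,nick,pete\nwheel:x:10:root\n' | filter_group "dave nick" "gdftp"
```
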


Expert Comment

by:paullamhkg
shivsa already gave you the answer, I'm just giving you more to read: http://vsftpd.beasts.org/

PS. Points should go to shivsa, I did nothing here, just have some more info for the asker :)