Solved

Setting up VSFTP SERVER

Posted on 2003-11-19
Last Modified: 2010-04-21
I'm trying to set up Very Secure FTP server on my fileserver, mainly so that I can anon transfer, delete and get files on /var/ftp/pub from it locally, but I can't seem to get anon access to be able to write and delete. Could anyone shed some light on how I'd go about doing this? I'm using Redhat 8.0 btw with the standard VSFTPd package that comes with it.

cheers, Josh
Question by:Jester-

Expert Comment

by:shivsa
ID: 9783939

Accepted Solution

by:
shivsa earned 200 total points
ID: 9783961

======================
vsftpd Configuration

vsftpd has three configuration files:
/etc/vsftpd.banned_emails -- List of denied anonymous addresses
/etc/vsftpd.chroot_list -- List of local users to chroot
/etc/vsftpd.conf -- General configuration options

To ban a certain anonymous email address such as "mozilla@", simply put it in this file. One address per line.  

To chroot a local user to their home directory, put their username in this file. One username per line. Please note this only matters if you:  

a) are allowing local users to login.  
b) have "chroot_local_user=NO" in /etc/vsftpd.conf  

The configuration options in the vsftpd.conf are commented quite well, so I will not go into much detail here. I will just note a few defaults:  

a) anonymous logins are enabled by default  
b) anonymous users are chrooted to '/home/ftpsecure'  
c) the daemon runs as the user 'ftpsecure'  

Populate the Tree

As the above said, all anonymous users are chrooted to "/home/ftpsecure". This means they will not be able to access any files outside of that directory. You should put all the files you want anonymous ftp users to see in this directory.

Although not necessary, it is recommended that you set up two files:  

/home/ftpsecure/etc/passwd  
/home/ftpsecure/etc/group  

When an anonymous user issues the command "ls", the ftpd will search these files to get the userid to username mappings. If you do not have these files the user will see something like this (note the '0's):

ftp> ls -la  
227 Passive mode engaged (127,0,0,1,30,4)  
150 Here comes the directory listing.  
-rw-r--r-- 1 0 0 0 Apr 13 20:03 that  
-rw-r--r-- 1 0 0 0 Apr 13 20:03 this  
226 Directory send OK.  

As a starting point, you can copy the system /etc/passwd to /home/ftpsecure/etc/passwd and the system /etc/group to /home/ftpsecure/etc/group. After this is done you should remove any users and groups that will not be used in /home/ftpsecure. For example, you will probably want to remove the users 'webd', 'halt', 'sync', etc.  

A sample /home/ftpsecure/etc/passwd would be:

root::0:0:root:/root:/dev/null  
nobody:*:99:99:Nobody:/:  
rwm:x:501:502:Ryan W. Maple:/home/rwm:/dev/null
ben:x:500:502:Ben Thomas:/home/ben:/dev/null  
dave:x:502:502:Dave Wreski:/home/dave:/dev/null
nick:x:503:502:Nick DeClario:/home/nick:/dev/null  
pete:x:504:502:Pete O'Hara:/home/pete:/dev/null  

A sample /home/ftpsecure/etc/group would be:  

root::0:root  
nobody::99:  
gdftp::502:dave,nick,pete,ben,rwm  

Now when a user executes the command "ls", they will see something like this (note what was '0' is now 'root'):  

ftp> ls -la  
227 Passive mode engaged (127,0,0,1,109,222)  
150 Here comes the directory listing.  
drwxr-xr-x 2 root root 4096 Apr 13 20:07 etc  
-rw-r--r-- 1 root root 0 Apr 13 20:03 that  
-rw-r--r-- 1 root root 0 Apr 13 20:03 this  
226 Directory send OK.
==============

Thanks to paullamhkg for compiling instruction step by step.
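
The copy-then-trim step for /home/ftpsecure/etc/passwd and /home/ftpsecure/etc/group described in the answer above can be scripted so that only the accounts you name ever reach the chroot. This is an added example, not part of the original post: the function names filter_passwd and filter_group, the choice of "*" for the password field and all sample data are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): trim copies of passwd/group
# for the anonymous chroot so "ls" can map IDs to names without exposing
# every system account. All sample data below is constructed.

# filter_passwd USERS  (system passwd on stdin)
# Keeps only the listed accounts, sets the shell to /dev/null like the
# sample file, and writes "*" in the password field (an assumption, so
# that nothing from the real password field is copied into the chroot).
filter_passwd() {
    awk -F: -v OFS=: -v users="$1" '
        BEGIN { n = split(users, u, ","); for (i = 1; i <= n; i++) wantu[u[i]] = 1 }
        NF == 7 && ($1 in wantu) { $2 = "*"; $7 = "/dev/null"; print }'
}

# filter_group USERS GROUPS  (system group on stdin)
# Keeps only the listed groups and drops members that are not kept users.
filter_group() {
    awk -F: -v OFS=: -v users="$1" -v groups="$2" '
        BEGIN {
            n = split(users, u, ",");  for (i = 1; i <= n; i++) wantu[u[i]] = 1
            n = split(groups, g, ","); for (i = 1; i <= n; i++) wantg[g[i]] = 1
        }
        NF == 4 && ($1 in wantg) {
            m = split($4, mem, ","); out = ""; sep = ""
            for (i = 1; i <= m; i++)
                if (mem[i] in wantu) { out = out sep mem[i]; sep = "," }
            $2 = ""; $4 = out; print
        }'
}

# Constructed stand-ins for the system /etc/passwd and /etc/group.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
sync:x:5:0:sync:/sbin:/bin/sync
halt:x:7:0:halt:/sbin:/sbin/halt
nobody:x:99:99:Nobody:/:/sbin/nologin
webd:x:48:48:Web daemon:/var/www:/bin/false
dave:x:502:502:Dave Wreski:/home/dave:/bin/bash'

SAMPLE_GROUP='root:x:0:root
nobody:x:99:
webd:x:48:webd
gdftp:x:502:dave,webd,nick'

printf '%s\n' "$SAMPLE_PASSWD" | filter_passwd "root,nobody,dave"
printf '%s\n' "$SAMPLE_GROUP"  | filter_group "root,nobody,dave" "root,nobody,gdftp"
```

On a real host, feed the functions from /etc/passwd and /etc/group and redirect the output to the two files under /home/ftpsecure/etc, then review the result before anonymous users can list it.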



Expert Comment

by:paullamhkg
ID: 9784196
shivsa already gave you the answer, I'm just giving you more to read: http://vsftpd.beasts.org/

ps. points should go to shivsa, I did nothing here, just have some more info for the asker :)