Geody Labs


# Main Index: Debian Linux Magic Spells Cheat Sheet (one liners, how to, tips and tricks)

# FTP Server

Note that FTP protocol is deprecated in favor of SSH connections, because it's unencrypted and unsecure.

PROFTP

apt-get install proftpd (run as standalone) Create an user called "www" to access the www directory: adduser --home /var/www www Allow FTP access to the user "www": jed /etc/proftpd.conf Add the following lines in the user section of the proftpd configuration file: <Anonymous ~www> User www Group www DirFakeUser on ftp DirFakeGroup on ftp RequireValidShell off MaxClients 2 DisplayLogin welcome.msg DisplayFirstChdir .message <Directory *> <Limit READ WRITE STOR> AllowAll </Limit> </Directory> </Anonymous> /etc/init.d/proftpd restart

VSFTP

# VSFTP allows virtual users, besides real shell users and anonymous users (you can simulate a chroot'ed FTP) apt-get install vsftpd apt-get install libpam-pwdfile Create a password file for virtual users: # Note: htpasswd only allows passwords up to 8 characters long htpasswd -bc /etc/vsftpd_passwd USERNAME PASSWORD Additional users can be created without the -c parameter. The same statement can be used to change the password for an existing user: htpasswd -b /etc/vsftpd_passwd USERNAME PASSWORD If you want to enter the password manually, omit the -b parameter: htpasswd /etc/vsftpd_passwd USERNAME Use this command to remove a virtual user: htpasswd -D /etc/vsftpd_passwd USERNAME You'll need to create a directory for each virtual user (unless you configure vsftp otherwise): First, create the main directory for all virtual users: mkdir /var/www/ftp Then create a directory for each virtual user with proper read/write permissions: mkdir /var/www/ftp/USERNAME chmod 755 /var/www/ftp/USERNAME chown ftp /var/www/ftp/USERNAME Configure PAM (Pluggable Authentication Modules aka X/Open Single Sign-on) for vsftp: jed /etc/pam.d/vsftpd # Log in using htpasswd password file auth required pam_pwdfile.so pwdfile /etc/vsftpd_passwd account required pam_permit.so jed /etc/vsftpd.conf # Config file /etc/vsftpd.conf listen=YES #listen_ipv6=YES anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 anon_upload_enable=NO anon_mkdir_write_enable=NO dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES #chown_uploads=YES #chown_username=ftp xferlog_file=/var/log/vsftpd.log #xferlog_std_format=YES idle_session_timeout=600 data_connection_timeout=120 #nopriv_user=ftp #async_abor_enable=YES #ascii_upload_enable=YES #ascii_download_enable=YES ftpd_banner=Welcome #deny_email_enable=YES #banned_email_file=/etc/vsftpd.banned_emails chroot_local_user=YES #chroot_list_file=/etc/vsftpd.chroot_list #ls_recurse_enable=YES secure_chroot_dir=/var/run/vsftpd pam_service_name=vsftpd rsa_cert_file=/etc/ssl/certs/vsftpd.pem guest_enable=YES virtual_use_local_privs=YES #user_config_dir=/etc/vsftpd_user_conf #guest_username=ftp user_sub_token=$USER local_root=/var/www/ftp/$USER hide_ids=YES #cmds_allowed=PASV,BYE,LIST,ABOR,CWD,NLST,PORT,PWD,QUIT,RETR,SIZE,TYPE # Note that the option user_config_dir lets you create custom vsftp configuration files for each virtual users # You can create a config file with the name of the virtual user within the specified path jed /etc/vsftpd_user_conf/USERNAME # VSFTP extra config for user USERNAME local_root=/var/www/example.com/www/USERNAME Restart VSFTP to make it work with the new users or configuration: /etc/init.d/vsftpd restart




Please DONATE to support the development of Free and Open Source Software (PayPal, Credit Card, Bitcoin, Ether)

Page issued on 25-Sep-2022 03:56 GMT
Copyright (c) 2022 Geody - Legal notices: copyright, privacy policy, disclaimer