Vsftpd
Jump to navigation
Jump to search
Vsftpd Vademecum
Single user config
/etc/vsftpd.conf
# If enabled, vsftpd will run in standalone mode listen=YES listen_port=10021 ftp_data_port=10020 connect_from_port_20=NO pasv_enable=YES pasv_min_port=12000 pasv_max_port=12010 # Controls whether anonymous logins are permitted or not anonymous_enable=NO # If enabled, all non-anonymous logins are classed as "guest" logins. guest_enable=NO # Controls whether local logins are permitted or not. local_enable=YES # When enabled, all FTP requests and responses are logged, providing the option xferlog_std_format is not enabled. Useful for debugging. log_ftp_protocol=YES # If set to YES, local users will be (by default) placed in a chroot() jail in their home directory after login. chroot_local_user=YES # This controls whether any FTP commands which change the filesystem are allowed or not. write_enable=YES # If enabled, a log file will be maintained detailling uploads and downloads. xferlog_enable=YES # If activated, files and directories starting with . will be shown in directory listings force_dot_files=YES
Multiple user config
dependences
apt-get install libpam-pwdfile apache2-utils usermod -d /srv/domain www-data
/etc/vsftpd.conf
# If enabled, vsftpd will run in standalone mode listen=YES listen_port=10021 ftp_data_port=10020 connect_from_port_20=NO pasv_enable=YES pasv_min_port=12000 pasv_max_port=12010 # Allow anonymous FTP? (Beware - allowed by default if you comment this out). anonymous_enable=NO nopriv_user=ftp # Uncomment this to allow local users to log in. local_enable=YES write_enable=YES local_umask=002 chroot_local_user=YES user_sub_token=$USER local_root=/srv/domain/$USER # If enabled, all non-anonymous logins are classed as "guest" logins. guest_enable=YES guest_username=www-data virtual_use_local_privs=YES hide_ids=YES syslog_enable=YES log_ftp_protocol=NO # Activate logging of uploads/downloads. xferlog_enable=NO # This string is the name of the PAM service vsftpd will use. pam_service_name=vsftpd
/etc/pam.d/vsftpd
# PAM configuration file for vsftpd auth required pam_pwdfile.so pwdfile /etc/vsftpd.passwd account required pam_permit.so
Enable ftp users
htpasswd -c /etc/vsftpd.passwd ${USERNAME}