FTP server configuration (/etc/vsftp/)
Reference 1: Active FTP vs. Passive FTP, a Definitive ExplanationReference 2: Manpage of VSFTPD.CONFReference 3: Setting up an anonymous ftp siteReference 4: Red Hat Enterprise Reference guide: FTPReference 5: FTP mirrorIt is important to note that it is an error to put any space between the option, = and value or at the end of every line.
Original file (vsftp.conf): # Example config file /etc/vsftpd/vsftpd.confanonymous_enable=YESlocal_enable=YESwrite_enable=YESlocal_umask=022connect_from_port_20=YESdirmessage_enable=YESxferlog_enable=YESxferlog_std_format=YESlisten=YESuserlist_enable=YEStcp_wrappers=YESpam_service_name=vsftpdOriginal file (user_list): # vsftpd userlist# If userlist_deny=YES (default), never allow users in this file, and# do not even prompt for a password.# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers for users that are denied.rootbindaemonadmlpsyncshutdownhaltmailnewsuucpoperatorgamesnobodyOriginal file (ftpusers): # Users that are not allowed to login via ftprootbindaemonadmlpsyncshutdownhaltmailnewsuucpoperatorgamesnobodySimple test setup: allowing anonymous user download from /var/ftp/pub, upload to /var/ftp/incoming. Everything in the ftp server is world readable.anonymous_enable=YESanon_upload_enable=YESwrite_enable=YESdownload_enable=YESlocal_enable=YESwrite_enable=YES local_umask=022connect_from_port_20=YESdirmessage_enable=YES # when a new directory is entered, the .message will display. xferlog_enable=YESxferlog_std_format=YESlisten=YESuserlist_enable=YEStcp_wrappers=YESpam_service_name=vsftpdlog_ftp_protocol=YES #Useful for debugging ftpd_banner=Hi welcome to FTP server web1#End of vsftp.conf. We need to change the security context. Using the following: # chcon -R -t public_content_t /var/ftp/pub# chcon -R -t public_content_rw_t /var/ftp/incoming
# setsebool -P allow_ftpd_anon_write=1# chmod og=rw * (for files)
# chmod -R a+wx (for folders)
| |
|