Configuring VSFTPd Server

[znx]

After a bit of discussion...

 

Code:

/etc/init.d/vsftpd stop
/etc/init.d/vsftpd zap
/etc/init.d/vsftpd start

 

did this clear it?

[Navrax]

Yep [img]<___base_url___>/public/style_emoticons/default/biggrin.gif[/img]

Buut...The problem still remains when I try and get a dir [img]<___base_url___>/public/style_emoticons/default/sad.gif[/img] IF I Can't get a directory listening, how can I transfer files [img]<___base_url___>/public/style_emoticons/default/sad.gif[/img]

[znx]

If its working then its probably that you have the ftp files in the wrong place? The default directory under gentoo is /home/ftp .. so thats where you should place your files? Either that or link the more correct FHS dir /var/ftp back to it.. like this:

 

Code:

rmdir /home/ftp
mkdir /var/ftp
chown ftp:ftp /var/ftp
ln -s /var/ftp /home/

Thanks to Gentoo-Wiki

[Navrax]

I've done this command.. [img]<___base_url___>/public/style_emoticons/default/sad.gif[/img]

[anyweb]

hi guys,

 

ive formatted my windows 2003 server and now have installed fedora core release 4 on it instead (on the first hdd)

 

i've also formatted the remaining three hdd's using ext3 filesystem and they are all blank with the intention of filling them up again to store files as a ftp server.

 

ive installed vsftpd and i can ftp in no problems locally, what i'd like to know is how can i make the ftp login more secure than standard ftp ? on my windows box i had implicit SSL as the login method, but i dont think i have such an option on vsftpd,

 

any ideas ?

 

also if i log in as a local user i can browse /home/user and even /home and /

 

it lists the files in there and lets my change dir, why ? and how can i force the user (s) to specific dirs only ?

 

thanks in advance

 

cheers

anyweb

[xDamox]

Hi,

 

Anyweb the first option you can set in vsftpd is chroot_local_user

 

chroot_local_user If set to YES, local users will be (by default) placed in a chroot() jail in their home directory

after login. Warning: This option has security implications, especially if the users have upload

permission, or shell access. Only enable if you know what you are doing. Note that these security

implications are not vsftpd specific. They apply to all FTP daemons which offer to put local users

in chroot() jails.

 

Default: NO

Here are some security options for vsftpd: 

force_local_logins_ssl Only applies if ssl_enable is activated. If activated, all non-anonymous logins are forced to use

a secure SSL connection in order to send the password.

 

Default: YES

 

ssl_enable If enabled, and vsftpd was compiled against OpenSSL, vsftpd will support secure connections via

SSL. This applies to the control connection (including login) and also data connections. You

[anyweb]

thanks !

 

the chroot works perfectly however when i enable the ssl stuff i get connection refused on the ftp server

 

i'm ftp'ing via command line from another linux box if that helps

 

cheers

 

anyweb

[hijinks]

the normal ftp client doesn't support ssl

[znx]

FTP over SSL is not needed really for personal home use.. use sftp instead. If you need a secure large scale FTP .. then ftps is useful.

 

Code:

sftp user@host

 

It comes with the basic SSH install on all systems. Anyone who can login with ssh .. can sftp too. You might be interested in scp too :)

[Shadowcat]

FTP over SSL is not supported very well in Linux at all. Clients are almost non-existant