vsftp als einfacher FTP-Server

Das Paket vsftp installieren

aptitude install vsftp

fertig … ;-) nicht ganz

Konfiguration

/etc/vsftpd.conf

# Run standalone?  vsftpd can run either from an inetd or as a standalone
# daemon started from an initscript.
listen=YES
...
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
...
# Uncomment this to allow local users to log in.
local_enable=YES
...
# Uncomment this to enable any form of FTP write command.
write_enable=YES
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
# You may override where the log file goes if you like. The default is shown
# below.
xferlog_file=/var/log/vsftpd.log
# If you want, you can have your log file in standard ftpd xferlog format
xferlog_std_format=YES
# You may restrict local users to their home directories.  See the FAQ for
# the possible risks in this before using chroot_local_user or
# chroot_list_enable below.
chroot_local_user=YES
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd.chroot_list
# This option specifies the location of the RSA certificate to use for SSL
# encrypted connections.
rsa_cert_file=/etc/ssl/certs/vsftpd.pem

Im Grunde war es das. Weiter Optionen müssen nicht inbedingt geändert werden. Das Zertifikat nicht vergessen zu setzen.

Zugangsrestriktionen

Hier schlägt pam voll easy zu. /etc/pam.d/vsftpd

# Standard behaviour for ftpd(8).
auth    required        pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed

# Note: vsftpd handles anonymous logins on its own.  Do not enable
# pam_ftp.so.

# Standard blurb.
@include common-account
@include common-session

@include common-auth
auth    required        pam_shells.so auth
auth    required        pam_wheel.so group=wheel
Einfach eine gruppe Definieren, wer ftp benutzen darf.

Tada, Wenn vsftpd im listen-mode läuft sollte er jetzt restartet werden.

  • als OpenOffice-Datei speichern
  • als PDF-Datei speichern
  • Werkzeuge:
 
public/vsftp.txt · Zuletzt geändert: 2014/09/21 17:41 (Externe Bearbeitung) · [Ältere Versionen]
Recent changes RSS feed Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki