-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvsftp-server
90 lines (62 loc) · 2.31 KB
/
vsftp-server
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
############ Configuration suitable for UBUNTU SERVER ######################
sudo adduser sammy
Assign a password when prompted and feel free to press “ENTER” through the other prompts.
Create the ftp folder, set its ownership, and be sure to remove write permissions with the following commands:
sudo mkdir /home/sammy/ftp
sudo chown nobody:nogroup /home/sammy/ftp
sudo chmod a-w /home/sammy/ftp
Let’s verify the permissions:
sudo ls -la /home/sammy/ftp
Output
total 8
4 dr-xr-xr-x 2 nobody nogroup 4096 Aug 24 21:29 .
4 drwxr-xr-x 3 sammy sammy 4096 Aug 24 21:29 ..
Next, we’ll create the directory where files can be uploaded and assign ownership to the user:
sudo mkdir /home/sammy/ftp/files
sudo chown sammy:sammy /home/sammy/ftp/files
A permissions check on the files directory should return the following:
sudo ls -la /home/sammy/ftp
Output
total 12
dr-xr-xr-x 3 nobody nogroup 4096 Aug 26 14:01 .
drwxr-xr-x 3 sammy sammy 4096 Aug 26 13:59 ..
drwxr-xr-x 2 sammy sammy 4096 Aug 26 14:01 files
sudo nano /etc/vsftpd.conf
/etc/vsftpd.conf
. . .
# Allow anonymous FTP? (Disabled by default).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
. . .
. . .
write_enable=YES
. . .
. . .
chroot_local_user=YES
. . .
user_sub_token=$USER
local_root=/home/$USER/ftp
pasv_min_port=40000
pasv_max_port=50000
userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO
userlist_deny toggles the logic. When it is set to “YES”, users on the list are denied FTP access. When it is set to “NO”, only users on the list are allowed access. When you’re done making the change, save and exit the file.
Finally, we’ll create and add our user to the file. We’ll use the -a flag to append to file:
echo "sammy" | sudo tee -a /etc/vsftpd.userlist
Double-check that it was added as you expected:
cat /etc/vsftpd.userlistOutput
sammy
Restart the daemon to load the configuration changes:
sudo systemctl restart vsftpd
Now we’re ready for testing.
sudo tail -f /var/log/vsftpd.log -n 200
I used the following commands:
mkdir /home/sammy/ftp/www_html
mount --bind /var/www/html/ /home/sammy/ftp/www_html
sudo nano /etc/fstab
and then added the following line to that fstab:
/var/www/html /home/sammy/ftp/www_html none bind 0 0
usermod -a -G www-data utente