LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 09-29-2009, 05:50 PM   #1
lucmove
Senior Member
 
Registered: Aug 2005
Location: Brazil
Distribution: Debian Stretch
Posts: 1,105

Rep: Reputation: 85
Help configuring vsftpd


I need to set up an FTP service. I don't like it because I don't trust FTP, but I need it. I have decided to go with vsftpd and I am very confused as to what the best arrangement of users, local users, virtual users and anonymous users would be. I have the following requirements:

- One person, not very knowledgeable of computers and security, will use the service. I am the "sys admin," but I want to intervene as little as possible.

- That person needs to be able to receive large files over FTP occasionally. Files will be uploaded by her clients. She may have a list of clients now, but I don't want to depend on lists of allowed users. I want to allow some kind of broad access.

- I want the clients to be able to upload files only. Nothing else.

- I want the person to be able to upload, download, rename, delete etc.

So far, I have the following problems:

- I made her a local user -- but did not allow her SSH/shell login access. So she can log in and manage everything inside that directory /home/person. But she also can 'cdup' out of the /home directory and snoop around. I don't want that.

- Anonymous users (without login and password) can connect, but they can't even list the contents of the directory. I would be fine with that, but they can't upload either. I need to give them upload permission.

I think the permission scheme on vsftpd is overly complex and confusing. I can't understand how to achieve:

- one person with almighty power inside ONE directory (unable to escalate out of /home);

- unlimited number of people authorized to upload only. And, of course, unable to peek out of that directory;

- I have plenty of settings for anonymous access:
Code:
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
anon_umask=077
anon_upload_enable=YES
anon_mkdir_write_enable=YES
But vsftpd insists on demanding login and password. What else do I have to do to enable anonymous access?
 
Old 09-29-2009, 09:54 PM   #2
gmartin
Member
 
Registered: Mar 2003
Location: PA
Distribution: Slackware 13.37 Linux Reg # 341245
Posts: 285

Rep: Reputation: 40
We use this setup for a public ftp site. Sorry I cannot help with configuration. But, just in case you haven't seen it, sshd allows file transfers. We use WinSCP for those who need a friendly file transfer gui that *looks* just like FTP.

(my apologies if you already know all this)
 
Old 09-29-2009, 10:01 PM   #3
gmartin
Member
 
Registered: Mar 2003
Location: PA
Distribution: Slackware 13.37 Linux Reg # 341245
Posts: 285

Rep: Reputation: 40
Can you use chroot to jail the ftp daemon into its own directory tree?

Allowing anonymous upload is going to lead to problems with nefarious users uploading things you don't want. So, make sure you monitor disk space and consider implementing quotas to save your system.
 
Old 10-01-2009, 01:44 AM   #4
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 7.7 (?), Centos 8.1
Posts: 17,863

Rep: Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598
Quote:
no_anon_password
When enabled, this prevents vsftpd from asking for an anonymous
password - the anonymous user will log straight in.

Default: NO
http://linux.die.net/man/5/vsftpd.conf

You are also going to need

chown_uploads=yes
chown_username=<the user you want to be able to read these files>
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
configuring vsftpd directory jzimm0007@msn.com Linux - General 7 10-10-2007 12:31 AM
configuring vsftpd sidra Red Hat 8 04-30-2007 05:15 PM
A Problem in Configuring VSFTPd... regnox Linux - Newbie 1 08-25-2005 12:33 PM
problem configuring VSFTPD e1000 Linux - Networking 2 11-16-2003 12:11 AM
Configuring vsftpd Coldmiser Linux - Software 2 10-21-2003 07:17 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 04:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration