FTP: Basic Configuration
Server Training - FTP Server

The initial installation of VSFTPD provides several basic settings in the /etc/vsftpd/vsftpd.conf file.  This lesson will focus on understanding those options so that you can exapand on them if you want to.

Lesson 2 / Lesson 4

Here is a list of the basic configuration that is installed by default.  As you can see it will allow anonymous  FTP, the ability of local users to login to their home directories and download files, is configured to use tcp_wrappers and provides a a file where you can list those who should not have access to FTP.

anonymous_enable=YES
local_enable=YES

pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

In the /etc/vsftpd directory you will find a default file called ftpusers.

Controlling Access of Local Users
Deny users –> /etc/vsftpd/ftpusers
When you put user names in this file they will be denied access to FTP. Notice that in the default vsftpd/ftpusers file the names that should never log into ftp are listed to prevent that. If you install software on your server that creates a name for use with that program, you may want to put that name in here as well. Remember, when users log into ftp it is in plain text and it does create security issues.

Now, if you had local users whom you did not want to log into your system with ftp you could place their names in this list as well, one name to a line.

# Users that are not allowed to login via ftp
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody

 

Copyright CyberMontana Inc. and BeginLinux.com
All rights reserved. Cannot be reproduced without written permission. Box 1262 Trout Creek, MT 59874