Difference between revisions of "Ftp server"
Rafahsolis (talk | contribs) |
Rafahsolis (talk | contribs) |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 8: | Line 8: | ||
To change root directory in /etc/vsftpd.conf: | To change root directory in /etc/vsftpd.conf: | ||
| − | modify: local_root=/ | + | modify: |
| + | local_root=/var/www/sites/$USER | ||
| + | |||
| + | To avoid server automatic startup at boot run: | ||
| + | echo manual >> /etc/init/vsftpd.override | ||
| + | |||
| + | /etc/vsftpd.conf example: | ||
| + | listen=YES | ||
| + | anonymous_enable=NO | ||
| + | local_enable=YES | ||
| + | virtual_use_local_privs=YES | ||
| + | write_enable=YES | ||
| + | connect_from_port_20=YES | ||
| + | secure_chroot_dir=/var/run/vsftpd | ||
| + | pam_service_name=vsftpd | ||
| + | guest_enable=YES | ||
| + | user_sub_token=$USER | ||
| + | local_root=/var/www/sites/$USER | ||
| + | chroot_local_user=YES | ||
| + | hide_ids=YES | ||
| + | |||
| + | |||
| + | == Using PAM to create virtual users== | ||
| + | (using the configuration file example from above) | ||
| + | sudo apt-get install libpam-pwdfile | ||
| + | |||
| + | Create a password for each user (if you have apache installed) | ||
| + | htpasswd -c /etc/vsftpd/passwd bob | ||
| + | htpasswd /etc/vsftpd/passwd alice | ||
| + | .... | ||
| + | |||
| + | Configure PAM to use the password file: | ||
| + | # Customized login using htpasswd file | ||
| + | auth required pam_pwdfile.so pwdfile /etc/vsftpd/passwd | ||
| + | account required pam_permit.so | ||
| + | |||
| + | == Extra options == | ||
| + | If you need to have multiple logins for the same folder, such as for a client who wants each developer to have their own login, then add the following line to the /etc/vsftpd.conf file: | ||
| + | |||
| + | user_config_dir=/var/www/users | ||
| + | |||
| + | It's easiest if each virtual user for a client has a login that starts with that clients name, so alice working for client1 would be<br /> client1-alice. Add their username and password to the password file, and then create a file in the user<br /> | ||
| + | config folder /var/www/users called client1-alice with the single line | ||
| + | local_root=/var/www/sites/client1 | ||
| + | |||
| + | If you are offering multiple logins to lots of clients then it's easiest to create a file for each client eg /var/www/users/client1 would contain the single line | ||
| + | |||
| + | local_root=/var/www/sites/client1 | ||
| + | |||
| + | and then each for user for that client would just create a symbolic link instead | ||
| + | |||
| + | cd /var/www/users | ||
| + | ln -s client1 client1-alice | ||
| + | |||
| + | as you are less likely to make mistakes if each user points to the same file. | ||
Latest revision as of 18:27, 22 May 2015
vsftpd
sudo apt-get install vsftpd
Configuration file: /etc/vsftpd.conf to add users: /etc/ftpusers
After making changes to configuration:
sudo service vsftpd restart
To change root directory in /etc/vsftpd.conf: modify:
local_root=/var/www/sites/$USER
To avoid server automatic startup at boot run:
echo manual >> /etc/init/vsftpd.override
/etc/vsftpd.conf example:
listen=YES anonymous_enable=NO local_enable=YES virtual_use_local_privs=YES write_enable=YES connect_from_port_20=YES secure_chroot_dir=/var/run/vsftpd pam_service_name=vsftpd guest_enable=YES user_sub_token=$USER local_root=/var/www/sites/$USER chroot_local_user=YES hide_ids=YES
Using PAM to create virtual users
(using the configuration file example from above)
sudo apt-get install libpam-pwdfile
Create a password for each user (if you have apache installed)
htpasswd -c /etc/vsftpd/passwd bob htpasswd /etc/vsftpd/passwd alice ....
Configure PAM to use the password file:
# Customized login using htpasswd file auth required pam_pwdfile.so pwdfile /etc/vsftpd/passwd account required pam_permit.so
Extra options
If you need to have multiple logins for the same folder, such as for a client who wants each developer to have their own login, then add the following line to the /etc/vsftpd.conf file:
user_config_dir=/var/www/users
It's easiest if each virtual user for a client has a login that starts with that clients name, so alice working for client1 would be
client1-alice. Add their username and password to the password file, and then create a file in the user
config folder /var/www/users called client1-alice with the single line
local_root=/var/www/sites/client1
If you are offering multiple logins to lots of clients then it's easiest to create a file for each client eg /var/www/users/client1 would contain the single line
local_root=/var/www/sites/client1
and then each for user for that client would just create a symbolic link instead
cd /var/www/users ln -s client1 client1-alice
as you are less likely to make mistakes if each user points to the same file.