no way to compare when less than two revisions
Differences
This shows you the differences between two versions of the page.
— | nslu:ftp_server [2009/11/27 17:54] (current) – created - external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Set up VSFTP ====== | ||
+ | Download and install the VSFTPD package and XINETD package | ||
+ | < | ||
+ | # ipkg install vsftpd | ||
+ | Package vsftpd (2.0.6-2) installed in root is up to date. | ||
+ | Nothing to be done | ||
+ | # ipkg install xinetd | ||
+ | Package xinetd (2.3.14-7) installed in root is up to date. | ||
+ | Nothing to be done | ||
+ | # | ||
+ | </ | ||
+ | |||
+ | Make a jailed user for outside access. | ||
+ | < | ||
+ | adduser -h / | ||
+ | passwd ftpuser | ||
+ | </ | ||
+ | |||
+ | Designate this user as a JAILED user. | ||
+ | / | ||
+ | < | ||
+ | ftpuser | ||
+ | </ | ||
+ | |||
+ | / | ||
+ | < | ||
+ | # Example config file / | ||
+ | # | ||
+ | # The default compiled in settings are fairly paranoid. This sample file | ||
+ | # loosens things up a bit, to make the ftp daemon more usable. | ||
+ | # Please see vsftpd.conf.5 for all compiled in defaults. | ||
+ | # | ||
+ | # READ THIS: This example file is NOT an exhaustive list of vsftpd options. | ||
+ | # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd' | ||
+ | # capabilities. | ||
+ | # | ||
+ | # Allow anonymous FTP? (Beware - allowed by default if you comment this out). | ||
+ | anonymous_enable=NO | ||
+ | # | ||
+ | # Uncomment this to allow local users to log in. | ||
+ | local_enable=YES | ||
+ | # | ||
+ | # Uncomment this to enable any form of FTP write command. | ||
+ | write_enable=YES | ||
+ | # | ||
+ | # Default umask for local users is 077. You may wish to change this to 022, | ||
+ | # if your users expect that (022 is used by most other ftpd' | ||
+ | local_umask=022 | ||
+ | # | ||
+ | # Uncomment this to allow the anonymous FTP user to upload files. This only | ||
+ | # has an effect if the above global write enable is activated. Also, you will | ||
+ | # obviously need to create a directory writable by the FTP user. | ||
+ | # | ||
+ | # | ||
+ | # Uncomment this if you want the anonymous FTP user to be able to create | ||
+ | # new directories. | ||
+ | # | ||
+ | # | ||
+ | # Activate directory messages - messages given to remote users when they | ||
+ | # go into a certain directory. | ||
+ | dirmessage_enable=YES | ||
+ | # | ||
+ | # Activate logging of uploads/ | ||
+ | xferlog_enable=YES | ||
+ | # | ||
+ | # Make sure PORT transfer connections originate from port 20 (ftp-data). | ||
+ | connect_from_port_20=YES | ||
+ | # | ||
+ | # If you want, you can arrange for uploaded anonymous files to be owned by | ||
+ | # a different user. Note! Using " | ||
+ | # recommended! | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # You may override where the log file goes if you like. The default is shown | ||
+ | # below. | ||
+ | vsftpd_log_file=/ | ||
+ | # | ||
+ | # If you want, you can have your log file in standard ftpd xferlog format | ||
+ | # | ||
+ | # | ||
+ | # You may change the default value for timing out an idle session. | ||
+ | # | ||
+ | # | ||
+ | # You may change the default value for timing out a data connection. | ||
+ | # | ||
+ | # | ||
+ | # It is recommended that you define on your system a unique user which the | ||
+ | # ftp server can use as a totally isolated and unprivileged user. | ||
+ | nopriv_user=ftp | ||
+ | # | ||
+ | # Enable this and the server will recognise asynchronous ABOR requests. Not | ||
+ | # recommended for security (the code is non-trivial). Not enabling it, | ||
+ | # however, may confuse older FTP clients. | ||
+ | # | ||
+ | # | ||
+ | # By default the server will pretend to allow ASCII mode but in fact ignore | ||
+ | # the request. Turn on the below options to have the server actually do ASCII | ||
+ | # mangling on files when in ASCII mode. | ||
+ | # Beware that turning on ascii_download_enable enables malicious remote parties | ||
+ | # to consume your I/O resources, by issuing the command "SIZE / | ||
+ | # ASCII mode. | ||
+ | # These ASCII options are split into upload and download because you may wish | ||
+ | # to enable ASCII uploads (to prevent uploaded scripts etc. from breaking), | ||
+ | # without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be | ||
+ | # on the client anyway.. | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # You may fully customise the login banner string: | ||
+ | ftpd_banner=Welcome to the NSLU2 vsftp daemon. | ||
+ | # | ||
+ | # You may specify a file of disallowed anonymous e-mail addresses. Apparently | ||
+ | # useful for combatting certain DoS attacks. | ||
+ | # | ||
+ | # (default follows) | ||
+ | # | ||
+ | # | ||
+ | # You may specify an explicit list of local users to chroot() to their home | ||
+ | # directory. If chroot_local_user is YES, then this list becomes a list of | ||
+ | # users to NOT chroot(). | ||
+ | chroot_list_enable=YES | ||
+ | # (default follows) | ||
+ | chroot_list_file=/ | ||
+ | # | ||
+ | # You may activate the " | ||
+ | # default to avoid remote users being able to cause excessive I/O on large | ||
+ | # sites. However, some broken FTP clients such as " | ||
+ | # the presence of the " | ||
+ | ls_recurse_enable=YES | ||
+ | </ | ||
+ | |||
+ | Allow the XINETD super service to start-up FTP daemons for us. | ||
+ | |||
+ | / | ||
+ | < | ||
+ | service ftp | ||
+ | { | ||
+ | socket_type = stream | ||
+ | wait = no | ||
+ | user = root | ||
+ | server = / | ||
+ | server_args = / | ||
+ | nice = 10 | ||
+ | disable = no | ||
+ | only_from = 0.0.0.0/0 | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | **Update: | ||
+ | |||
+ | < | ||
+ | #only_from = 0.0.0.0/0 | ||
+ | only_from += .btcentralplus.com | ||
+ | only_from += .btopenworld.com | ||
+ | only_from += .virginmedia.com | ||
+ | only_from += .ntl.com | ||
+ | only_from += .optusnet.com.au | ||
+ | only_from += .bigpond.com.au | ||
+ | # and Locally too. | ||
+ | only_from += 192.168.1.0/ | ||
+ | </ | ||
+ | |||
+ | {{tag> |