- install vstpd server
apt-get install vsftpd
- go to /etc/vsftpd.conf file and edit it(keep old default settings besides these below!!!)
– set logging file
xferlog_file=/var/log/vsftpd/vsftpd.log
- enable logging transfers stats
xferlog_enable=YES
- set iddle session timout to 300 secs
idle_session_timeout=300
- set banner
ftpd_banner=Welcome to danpol.net FTP Server
- enable anonymous ftp
anonymous_enable=YES
- set max clients(total) and per ip
max_clients=30
max_per_ip=6
- restart vsftpd server
/etc/init.d/vsftpd restart
————- now you have working ftp anonymous server(Read-only) —————–
———– working dir is /srv/ftp ————-
Anonymous FTP with write access
- create dir “pub” under /srv/ftp(default location) or dir specified by option “anon_root” with 755 permission and ftp:ftp chown
set umask for anon dirs
anon_umask=0022
226 Transfer done (but failed to open directory) – typical mistake when vsftpd creates 700 directory
- enable(uncomment) write access
write_enable=YES
it is necessary to allow write data on ftp server. Ftp user has to have write permission on parent directory.
- allow to upload files
anon_upload_enable=YES
- allow to create dirs by anonymous users
anon_mkdir_write_enable=YES
- allow anon users different operation than create dir or upload date,e.g. delete or rename
anon_other_write_enable=YES
- change anonymously uploaded files owner to “chown_username”
chown_uploads=YES
chown_username=ftp
User "ftp" can be different but has to exist in system.DO NOT USE "root" or any powerfull account.!!!Set shell to false
- delete failed uploaded files
delete_failed_uploads=YES
-
disable password for anonymous user(user will no be asked for password)
no_anon_password=YES
- set dir for anon data to different dir,e.g. /home/ftp
- set max transfer rate for anonymous clients in b/s (bytes/secs)
anon_max_rate=500000
500 KB/s (kilobytes per secs)
- hide ftp server user ID,always ftp will be used
hide_ids=YES
Helpfull command:
- for firewall configuration where FTP inspection is not working.It will limit range of ports for passive mode
pasv_min_port=59000Â and pasv_max_port=60000
- allow old ftp client to cancel in-progress transfers
async_abor_enable=YES
dzbanek 2012-11-21