Results 1 to 10 of 10

Thread: Public, anonymous FTP with vsftpd

  1. #1
    Join Date
    Apr 2007
    Beans
    40

    Public, anonymous FTP with vsftpd

    Hello,

    In my house I have a small computer running ubuntu karmic that works as a server/media center.

    I would like to have a folder (my ~/public folder) openly available to the entire world via anonymous ftp.

    I have read somewhere that the defauld vsftpd config is basically this: no local user login, anon only and sharing a folder called /home/ftp, but I can't get this to work.

    Here is my /etc/vsftpd.conf file:

    Code:
    # Example config file /etc/vsftpd.conf
    #
    # The default compiled in settings are fairly paranoid. This sample file
    # loosens things up a bit, to make the ftp daemon more usable.
    # Please see vsftpd.conf.5 for all compiled in defaults.
    #
    # READ THIS: This example file is NOT an exhaustive list of vsftpd options.
    # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
    # capabilities.
    #
    #
    # Run standalone?  vsftpd can run either from an inetd or as a standalone
    # daemon started from an initscript.
    listen=YES
    #
    # Run standalone with IPv6?
    # Like the listen parameter, except vsftpd will listen on an IPv6 socket
    # instead of an IPv4 one. This parameter and the listen parameter are mutually
    # exclusive.
    #listen_ipv6=YES
    #
    # Allow anonymous FTP? (Beware - allowed by default if you comment this out).
    anonymous_enable=YES
    #
    # Uncomment this to allow local users to log in.
    #local_enable=YES
    #
    # Uncomment this to enable any form of FTP write command.
    #write_enable=YES
    #
    # Default umask for local users is 077. You may wish to change this to 022,
    # if your users expect that (022 is used by most other ftpd's)
    #local_umask=022
    #
    # Uncomment this to allow the anonymous FTP user to upload files. This only
    # has an effect if the above global write enable is activated. Also, you will
    # obviously need to create a directory writable by the FTP user.
    #anon_upload_enable=YES
    #
    # Uncomment this if you want the anonymous FTP user to be able to create
    # new directories.
    #anon_mkdir_write_enable=YES
    #
    # Activate directory messages - messages given to remote users when they
    # go into a certain directory.
    dirmessage_enable=YES
    #
    # If enabled, vsftpd will display directory listings with the time
    # in  your  local  time  zone.  The default is to display GMT. The
    # times returned by the MDTM FTP command are also affected by this
    # option.
    use_localtime=YES
    #
    # Activate logging of uploads/downloads.
    xferlog_enable=YES
    #
    # Make sure PORT transfer connections originate from port 20 (ftp-data).
    connect_from_port_20=YES
    #
    # If you want, you can arrange for uploaded anonymous files to be owned by
    # a different user. Note! Using "root" for uploaded files is not
    # recommended!
    #chown_uploads=YES
    #chown_username=whoever
    #
    # You may override where the log file goes if you like. The default is shown
    # below.
    #xferlog_file=/var/log/vsftpd.log
    #
    # If you want, you can have your log file in standard ftpd xferlog format.
    # Note that the default log file location is /var/log/xferlog in this case.
    #xferlog_std_format=YES
    #
    # You may change the default value for timing out an idle session.
    #idle_session_timeout=600
    #
    # You may change the default value for timing out a data connection.
    #data_connection_timeout=120
    #
    # It is recommended that you define on your system a unique user which the
    # ftp server can use as a totally isolated and unprivileged user.
    #nopriv_user=ftpsecure
    #
    # Enable this and the server will recognise asynchronous ABOR requests. Not
    # recommended for security (the code is non-trivial). Not enabling it,
    # however, may confuse older FTP clients.
    #async_abor_enable=YES
    #
    # By default the server will pretend to allow ASCII mode but in fact ignore
    # the request. Turn on the below options to have the server actually do ASCII
    # mangling on files when in ASCII mode.
    # Beware that on some FTP servers, ASCII support allows a denial of service
    # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
    # predicted this attack and has always been safe, reporting the size of the
    # raw file.
    # ASCII mangling is a horrible feature of the protocol.
    #ascii_upload_enable=YES
    #ascii_download_enable=YES
    #
    # You may fully customise the login banner string:
    #ftpd_banner=Welcome to blah FTP service.
    #
    # You may specify a file of disallowed anonymous e-mail addresses. Apparently
    # useful for combatting certain DoS attacks.
    #deny_email_enable=YES
    # (default follows)
    #banned_email_file=/etc/vsftpd.banned_emails
    #
    # You may restrict local users to their home directories.  See the FAQ for
    # the possible risks in this before using chroot_local_user or
    # chroot_list_enable below.
    #chroot_local_user=YES
    #
    # You may specify an explicit list of local users to chroot() to their home
    # directory. If chroot_local_user is YES, then this list becomes a list of
    # users to NOT chroot().
    #chroot_local_user=YES
    #chroot_list_enable=YES
    # (default follows)
    #chroot_list_file=/etc/vsftpd.chroot_list
    #
    # You may activate the "-R" option to the builtin ls. This is disabled by
    # default to avoid remote users being able to cause excessive I/O on large
    # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
    # the presence of the "-R" option, so there is a strong case for enabling it.
    #ls_recurse_enable=YES
    #
    #
    # Debian customization
    #
    # Some of vsftpd's settings don't fit the Debian filesystem layout by
    # default.  These settings are more Debian-friendly.
    #
    # This option should be the name of a directory which is empty.  Also, the
    # directory should not be writable by the ftp user. This directory is used
    # as a secure chroot() jail at times vsftpd does not require filesystem
    # access.
    secure_chroot_dir=/var/run/vsftpd/empty
    #
    # This string is the name of the PAM service vsftpd will use.
    pam_service_name=vsftpd
    #
    # This option specifies the location of the RSA certificate to use for SSL
    # encrypted connections.
    rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
    Thank you for any and all help

  2. #2
    Join Date
    Dec 2009
    Beans
    112
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Public, anonymous FTP with vsftpd

    What problem are you facing?

    This command will give a list & description of useful options/rules:
    Code:
    man vsftpd.conf
    And this will show the port status for vsftpd:
    Code:
    sudo netstat -tulpn | grep ftp

  3. #3
    Join Date
    Nov 2005
    Location
    Sendai, Japan
    Beans
    11,296
    Distro
    Kubuntu

    Re: Public, anonymous FTP with vsftpd

    Normally, the only thing you'd need to do is set anon_root to the directory you want to be the root of your anonymous FTP, so something like:

    Code:
    anon_root=/home/you/public
    Of course make sure the ftp user has read and search permission to this directory and all directories in the path (i.e. /, /home and /home/you).
    「明後日の夕方には帰ってるからね。」


  4. #4
    Join Date
    Dec 2006
    Location
    Chicago
    Beans
    3,839

    Re: Public, anonymous FTP with vsftpd

    Quote Originally Posted by Bachstelze View Post
    Of course make sure the ftp user has read and search permission to this directory and all directories in the path (i.e. /, /home and /home/you).
    Also, if I recall correctly, the ftp user cannot have write permission on the anon_root directory, but can on subdirectories.

  5. #5
    Join Date
    Apr 2007
    Beans
    40

    Re: Public, anonymous FTP with vsftpd

    Quote Originally Posted by chuina View Post
    What problem are you facing?

    This command will give a list & description of useful options/rules:
    Code:
    man vsftpd.conf
    And this will show the port status for vsftpd:
    Code:
    sudo netstat -tulpn | grep ftp
    I've read the man page. It's just not very clear for me. In fact, I read somewhere that the man page is not complete, in the sense that it does not include all options.

    Anyway, to answer my question, the specific problem is that if I access my own IP setting with the above listed conf file it shows up blank...where is vsftpd pointing to?

    Also, how can I secure this system so that I show (to the entire world!) that folder and *only* that folder?

  6. #6
    Join Date
    Jun 2009
    Location
    USA
    Beans
    45
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Public, anonymous FTP with vsftpd

    if I understand you correctly, you want to know where the ftp for anonymous is.

    try /var/ftp

    Also look up vsftp in some of the linux books at your local library. They might have some information that you are looking for.

  7. #7
    Join Date
    Apr 2007
    Beans
    40

    Re: Public, anonymous FTP with vsftpd

    Quote Originally Posted by jm2 View Post
    if I understand you correctly, you want to know where the ftp for anonymous is.

    try /var/ftp

    Also look up vsftp in some of the linux books at your local library. They might have some information that you are looking for.
    What I really wanted was to make /home/me/public the path for the ftp shares and share nothing else...Could I symlink ~/public to /vat/ftp? Would any other directories be shown?

    Forget my local library...its windows all the way there.

  8. #8
    Join Date
    Dec 2006
    Location
    Chicago
    Beans
    3,839

    Re: Public, anonymous FTP with vsftpd

    Quote Originally Posted by van_Zeller View Post
    What I really wanted was to make /home/me/public the path for the ftp shares and share nothing else...Could I symlink ~/public to /vat/ftp? Would any other directories be shown?

    Forget my local library...its windows all the way there.
    Did you read the thread?
    Code:
    anon_root=/home/me/public

  9. #9
    Join Date
    Apr 2007
    Beans
    40

    Re: Public, anonymous FTP with vsftpd

    Quote Originally Posted by cdenley View Post
    Did you read the thread?
    Code:
    anon_root=/home/me/public

    That did the trick! I now have my own ftp server! I'm marking the as solved. Thanks a million for your help!

  10. #10
    Join Date
    Feb 2011
    Beans
    1

    Public, anonymous FTP with vsftpd

    Please Help me!!!!
    i setup ftp on ubuntu 10.10 i can copy file on ftp folder, but i cant delete file.or copy on my computer.

    and i want my ftp be public than everyone can edit ftp file!
    What should I do????????
    Last edited by emimen22; March 1st, 2011 at 01:26 PM.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •