Difference between revisions of "FTP"
(21 intermediate revisions by 2 users not shown) | |||
Line 2: | Line 2: | ||
iptables -t filter -A OUTPUT -p tcp --dport 20:21 -j ACCEPT | iptables -t filter -A OUTPUT -p tcp --dport 20:21 -j ACCEPT | ||
iptables -t filter -A INPUT -p tcp --dport 20:21 -j ACCEPT | iptables -t filter -A INPUT -p tcp --dport 20:21 -j ACCEPT | ||
− | + | iptables-save >/etc/sysconfig/iptables | |
service iptables restart | service iptables restart | ||
− | <h2>How to install ftp server on Centos | + | <h2>How to install ftp server on Centos.</h2> |
Install ftp server: | Install ftp server: | ||
yum install vsftpd | yum install vsftpd | ||
− | Edit the config file /etc/vsftpd/vsftpd.conf. It is recommended to set the following strings like shown below: | + | Edit the config file ''/etc/vsftpd/vsftpd.conf''. It is recommended to set the following strings like shown below: |
anonymous_enable=NO | anonymous_enable=NO | ||
ascii_upload_enable=YES | ascii_upload_enable=YES | ||
ascii_download_enable=YES | ascii_download_enable=YES | ||
+ | chroot_local_user=YES | ||
User root is not allowed to connect to ftp server by default for security reason. So create a new user, for example "user": | User root is not allowed to connect to ftp server by default for security reason. So create a new user, for example "user": | ||
useradd user | useradd user | ||
Line 18: | Line 19: | ||
Start vsftpd service | Start vsftpd service | ||
service vsftpd start | service vsftpd start | ||
− | Now your ftp server is operational and you can access it with ftp client like [https://filezilla-project.org/ filezilla] | + | Now your ftp server is operational and you can access it with ftp client like [https://filezilla-project.org/ filezilla]<br/> |
− | <h2>How to install ftp server on Debian | + | User "user" has access to its home directory only, but if you want to open more directories you can do so by adding symlinks. For example you want to share a folder ''/files'' with user "user": |
+ | ln -s /files /home/user | ||
+ | Now we have a folder ''/home/user/'''files''''' which is actually a link to ''/files''. Now set permitions to the folder ''/files''. In order to grant full access to this folder issue following: | ||
+ | chmod 777 /files | ||
+ | |||
+ | You also <b>can use 'mount' to create a Symbolic Link instead of using the 'ln -s' command</b>. It's better coz there is no permissions issues and you can add it to autostart. For create mount: | ||
+ | mount /files /home/user --bind --rw | ||
+ | If you want that is was mounted automatically during boot add the next line to the /etc/fstab: | ||
+ | /files /home/user auto rw,bind 0 0 | ||
+ | |||
+ | |||
+ | <h2>How to install ftp server on Debian.</h2> | ||
Install ftp server: | Install ftp server: | ||
aptitude install proftpd | aptitude install proftpd | ||
Line 25: | Line 37: | ||
adduser user | adduser user | ||
Now your ftp server is operational and you can access it with ftp client like [https://filezilla-project.org/ filezilla]. Proftpd is set to start at boot by default.<br/> | Now your ftp server is operational and you can access it with ftp client like [https://filezilla-project.org/ filezilla]. Proftpd is set to start at boot by default.<br/> | ||
− | In order to adjust the configuration to your needs, edit the /etc/proftpd/proftpd.conf file. | + | In order to adjust the configuration to your needs, edit the ''/etc/proftpd/proftpd.conf'' file. |
+ | <h2>How to install ftp server on Ubuntu.</h2> | ||
+ | Install ftp server: | ||
+ | apt-get install vsftpd | ||
+ | If you're getting error: | ||
+ | root@test:~# apt-get install vsftpd | ||
+ | Reading package lists... Done | ||
+ | Building dependency tree... Done | ||
+ | E: Unable to locate package vsftpd | ||
+ | do following: | ||
+ | apt-get update | ||
+ | In order to adjust the configuration to your needs, edit the ''/etc/proftpd/proftpd.conf'' file. | ||
+ | To allow anonymuos connections, edit following lines: | ||
+ | anonymous_enable=Yes | ||
+ | #local_enable=YES | ||
+ | To deny anonymous connections, edit following lines: | ||
+ | anonymous_enable=NO | ||
+ | local_enable=YES | ||
+ | To disable write-protection, uncomment following line: | ||
+ | write_enable=YES | ||
+ | In case when anonymous connections are disabled you should create a new user because user root is not allowed to connect to ftp server by default for security reason. To create a new user "user" enter the command: | ||
+ | adduser user | ||
+ | |||
+ | Now your ftp server is operational and you can access it with ftp client like [https://filezilla-project.org/ filezilla]. vsftpd is set to start at boot by default. | ||
+ | <h3>How to configure ftp virtual host</h3> | ||
+ | Virtual hosting is where different clients access your machine on different IP addresses (virtual IPs) and get redirected to different ftp sites.<br/> | ||
+ | For example, if your machine responds to two IPs - 127.0.0.1 and 127.0.0.2, you could have the two different IPs represent two totally different FTP sites.<br/> | ||
+ | For this example, we are going to build on the "INTERNET_SITE" example. | ||
+ | |||
+ | '''Step 1. Set up a virtual IP address.''' | ||
+ | ifconfig eth0:1 192.168.1.10 up | ||
+ | (the standard IP address is 192.168.1.2)<br/> | ||
+ | (note - this isn't quite complete, the route for local connects hasn't been<br/> | ||
+ | added, but it will do for now) | ||
+ | |||
+ | '''Step 2. Create a user / location for the new virtual site.''' | ||
+ | |||
+ | useradd -d /var/ftp_site2 ftp_site2 | ||
+ | chown root.root /var/ftp_site2 | ||
+ | chmod a+rx /var/ftp_site2 | ||
+ | umask 022 | ||
+ | mkdir /var/ftp_site2/pub | ||
+ | echo "test" > /var/ftp_site2/pub/content | ||
+ | |||
+ | '''Step 3. Modify the existing site to respond to the primary IP.''' | ||
+ | |||
+ | Edit /etc/xinetd.d/vsftpd, and add the config line: | ||
+ | bind = 192.168.1.2 | ||
+ | |||
+ | '''Step 4. Create the new site, responding on the virtual IP.''' | ||
+ | cp /etc/xinetd.d/vsftpd /etc/xinetd.d/vsftpd2 | ||
+ | Edit vsftpd2, and change<br/> | ||
+ | - The bind line to refer to the IP address 192.168.1.10<br/> | ||
+ | - Add the line<br/> | ||
+ | server_args = /etc/vsftpd_site2.conf<br/> | ||
+ | This launches this FTP site with a different vsftpd configuration file. | ||
+ | cp /etc/vsftpd.conf /etc/vsftpd_site2.conf | ||
+ | Add two lines: | ||
+ | ftp_username=ftp_site2 | ||
+ | ftpd_banner=This is the alternative FTP site. | ||
+ | '''Step 5. Restart xinetd and test!''' | ||
+ | /etc/rc.d/init.d/xinetd restart | ||
+ | |||
+ | [chris@localhost vsftpd]$ ftp 192.168.1.2 | ||
+ | Connected to 192.168.1.2 (192.168.1.2).<br/> | ||
+ | 220 ready, dude (vsFTPd 1.1.0: beat me, break me)<br/> | ||
+ | Name (192.168.1.2:chris): [chris@localhost vsftpd]$<br/> | ||
+ | [chris@localhost vsftpd]$ ftp 192.168.1.2 | ||
+ | Connected to 192.168.1.2 (192.168.1.2). | ||
+ | 220 ready, dude (vsFTPd 1.1.0: beat me, break me) | ||
+ | Name (192.168.1.2:chris): | ||
+ | 530 This FTP server is anonymous only. | ||
+ | Login failed. | ||
+ | ftp> quit | ||
+ | 221 Goodbye. | ||
+ | |||
+ | [chris@localhost vsftpd]$ ftp 192.168.1.10 | ||
+ | Connected to 192.168.1.10 (192.168.1.10). | ||
+ | 220 This is the alternative FTP site.<br/> | ||
+ | Name (192.168.1.10:chris):<br/> | ||
+ | 530 This FTP server is anonymous only.<br/> | ||
+ | Login failed.<br/> | ||
+ | ftp> | ||
+ | |||
+ | Source: [ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-3.0.2/EXAMPLE/VIRTUAL_HOSTS/README vsftpd official web site] | ||
+ | |||
+ | |||
+ | ***ADDON*** | ||
+ | How to check ftp storage used using ftp client and CLI: | ||
+ | |||
+ | echo "du -hs" | lftp sftp://<user>:<pass>@ftp.example.com | ||
+ | or | ||
+ | echo "df -h" | sftp <user>@ftp.example.com #enter password up to request | ||
+ | |||
− | [[Category:Linux]] | + | [[Category:Linux]] |
Latest revision as of 14:10, 22 October 2018
First of all make sure you have the ports 20-21 opened in your firewall. If not, you can do so with the following commands:
iptables -t filter -A OUTPUT -p tcp --dport 20:21 -j ACCEPT iptables -t filter -A INPUT -p tcp --dport 20:21 -j ACCEPT iptables-save >/etc/sysconfig/iptables service iptables restart
Contents
How to install ftp server on Centos.
Install ftp server:
yum install vsftpd
Edit the config file /etc/vsftpd/vsftpd.conf. It is recommended to set the following strings like shown below:
anonymous_enable=NO ascii_upload_enable=YES ascii_download_enable=YES chroot_local_user=YES
User root is not allowed to connect to ftp server by default for security reason. So create a new user, for example "user":
useradd user passwd user
Enable vsftpd to start at boot
chkconfig vsftpd on
Start vsftpd service
service vsftpd start
Now your ftp server is operational and you can access it with ftp client like filezilla
User "user" has access to its home directory only, but if you want to open more directories you can do so by adding symlinks. For example you want to share a folder /files with user "user":
ln -s /files /home/user
Now we have a folder /home/user/files which is actually a link to /files. Now set permitions to the folder /files. In order to grant full access to this folder issue following:
chmod 777 /files
You also can use 'mount' to create a Symbolic Link instead of using the 'ln -s' command. It's better coz there is no permissions issues and you can add it to autostart. For create mount:
mount /files /home/user --bind --rw
If you want that is was mounted automatically during boot add the next line to the /etc/fstab:
/files /home/user auto rw,bind 0 0
How to install ftp server on Debian.
Install ftp server:
aptitude install proftpd
User root is not allowed to connect to ftp server by default for security reason. So create a new user, for example "user":
adduser user
Now your ftp server is operational and you can access it with ftp client like filezilla. Proftpd is set to start at boot by default.
In order to adjust the configuration to your needs, edit the /etc/proftpd/proftpd.conf file.
How to install ftp server on Ubuntu.
Install ftp server:
apt-get install vsftpd
If you're getting error:
root@test:~# apt-get install vsftpd Reading package lists... Done Building dependency tree... Done E: Unable to locate package vsftpd
do following:
apt-get update
In order to adjust the configuration to your needs, edit the /etc/proftpd/proftpd.conf file. To allow anonymuos connections, edit following lines:
anonymous_enable=Yes #local_enable=YES
To deny anonymous connections, edit following lines:
anonymous_enable=NO local_enable=YES
To disable write-protection, uncomment following line:
write_enable=YES
In case when anonymous connections are disabled you should create a new user because user root is not allowed to connect to ftp server by default for security reason. To create a new user "user" enter the command:
adduser user
Now your ftp server is operational and you can access it with ftp client like filezilla. vsftpd is set to start at boot by default.
How to configure ftp virtual host
Virtual hosting is where different clients access your machine on different IP addresses (virtual IPs) and get redirected to different ftp sites.
For example, if your machine responds to two IPs - 127.0.0.1 and 127.0.0.2, you could have the two different IPs represent two totally different FTP sites.
For this example, we are going to build on the "INTERNET_SITE" example.
Step 1. Set up a virtual IP address.
ifconfig eth0:1 192.168.1.10 up
(the standard IP address is 192.168.1.2)
(note - this isn't quite complete, the route for local connects hasn't been
added, but it will do for now)
Step 2. Create a user / location for the new virtual site.
useradd -d /var/ftp_site2 ftp_site2 chown root.root /var/ftp_site2 chmod a+rx /var/ftp_site2 umask 022 mkdir /var/ftp_site2/pub echo "test" > /var/ftp_site2/pub/content
Step 3. Modify the existing site to respond to the primary IP.
Edit /etc/xinetd.d/vsftpd, and add the config line:
bind = 192.168.1.2
Step 4. Create the new site, responding on the virtual IP.
cp /etc/xinetd.d/vsftpd /etc/xinetd.d/vsftpd2
Edit vsftpd2, and change
- The bind line to refer to the IP address 192.168.1.10
- Add the line
server_args = /etc/vsftpd_site2.conf
This launches this FTP site with a different vsftpd configuration file.
cp /etc/vsftpd.conf /etc/vsftpd_site2.conf
Add two lines:
ftp_username=ftp_site2 ftpd_banner=This is the alternative FTP site.
Step 5. Restart xinetd and test!
/etc/rc.d/init.d/xinetd restart
[chris@localhost vsftpd]$ ftp 192.168.1.2 Connected to 192.168.1.2 (192.168.1.2).
220 ready, dude (vsFTPd 1.1.0: beat me, break me)
Name (192.168.1.2:chris): [chris@localhost vsftpd]$
[chris@localhost vsftpd]$ ftp 192.168.1.2 Connected to 192.168.1.2 (192.168.1.2). 220 ready, dude (vsFTPd 1.1.0: beat me, break me) Name (192.168.1.2:chris): 530 This FTP server is anonymous only. Login failed. ftp> quit 221 Goodbye.
[chris@localhost vsftpd]$ ftp 192.168.1.10 Connected to 192.168.1.10 (192.168.1.10). 220 This is the alternative FTP site.
Name (192.168.1.10:chris):
530 This FTP server is anonymous only.
Login failed.
ftp>
Source: vsftpd official web site
- ADDON***
How to check ftp storage used using ftp client and CLI:
echo "du -hs" | lftp sftp://<user>:<pass>@ftp.example.com
or
echo "df -h" | sftp <user>@ftp.example.com #enter password up to request