Difference between revisions of "FTP"

From vpsget wiki
Jump to: navigation, search
 
(15 intermediate revisions by 2 users not shown)
Line 2: Line 2:
 
  iptables -t filter -A OUTPUT -p tcp --dport 20:21 -j ACCEPT
 
  iptables -t filter -A OUTPUT -p tcp --dport 20:21 -j ACCEPT
 
  iptables -t filter -A INPUT -p tcp --dport 20:21 -j ACCEPT
 
  iptables -t filter -A INPUT -p tcp --dport 20:21 -j ACCEPT
  service iptables save >/etc/sysconfig/iptables
+
  iptables-save >/etc/sysconfig/iptables
 
  service iptables restart
 
  service iptables restart
 
<h2>How to install ftp server on Centos.</h2>
 
<h2>How to install ftp server on Centos.</h2>
Line 11: Line 11:
 
  ascii_upload_enable=YES
 
  ascii_upload_enable=YES
 
  ascii_download_enable=YES
 
  ascii_download_enable=YES
 +
chroot_local_user=YES
 
User root is not allowed to connect to ftp server by default for security reason. So create a new user, for example "user":
 
User root is not allowed to connect to ftp server by default for security reason. So create a new user, for example "user":
 
  useradd user
 
  useradd user
Line 18: Line 19:
 
Start vsftpd service
 
Start vsftpd service
 
  service vsftpd start
 
  service vsftpd start
Now your ftp server is operational and you can access it with ftp client like [https://filezilla-project.org/ filezilla]
+
Now your ftp server is operational and you can access it with ftp client like [https://filezilla-project.org/ filezilla]<br/>
 +
User "user" has access to its home directory only, but if you want to open more directories you can do so by adding symlinks. For example you want to share a folder ''/files'' with user "user":
 +
ln -s /files /home/user
 +
Now we have a folder ''/home/user/'''files''''' which is actually a link to ''/files''. Now set permitions to the folder ''/files''. In order to grant full access to this folder issue following:
 +
chmod 777 /files
 +
 
 +
You also <b>can use 'mount' to create a Symbolic Link instead of using the 'ln -s' command</b>. It's better coz there is no permissions issues and you can add it to autostart. For create mount:
 +
  mount /files /home/user --bind --rw
 +
If you want that is was mounted automatically during boot add the next line to the /etc/fstab:
 +
  /files /home/user auto rw,bind 0 0
 +
 
 +
 
 
<h2>How to install ftp server on Debian.</h2>
 
<h2>How to install ftp server on Debian.</h2>
 
Install ftp server:
 
Install ftp server:
Line 49: Line 61:
  
 
Now your ftp server is operational and you can access it with ftp client like [https://filezilla-project.org/ filezilla]. vsftpd is set to start at boot by default.
 
Now your ftp server is operational and you can access it with ftp client like [https://filezilla-project.org/ filezilla]. vsftpd is set to start at boot by default.
 +
<h3>How to configure ftp virtual host</h3>
 +
Virtual hosting is where different clients access your machine on different IP addresses (virtual IPs) and get redirected to different ftp sites.<br/>
 +
For example, if your machine responds to two IPs - 127.0.0.1 and 127.0.0.2, you could have the two different IPs represent two totally different FTP sites.<br/>
 +
For this example, we are going to build on the "INTERNET_SITE" example.
 +
 +
'''Step 1. Set up a virtual IP address.'''
 +
ifconfig eth0:1 192.168.1.10 up
 +
(the standard IP address is 192.168.1.2)<br/>
 +
(note - this isn't quite complete, the route for local connects hasn't been<br/>
 +
added, but it will do for now)
 +
 +
'''Step 2. Create a user / location for the new virtual site.'''
 +
 +
useradd -d /var/ftp_site2 ftp_site2
 +
chown root.root /var/ftp_site2
 +
chmod a+rx /var/ftp_site2
 +
umask 022
 +
mkdir /var/ftp_site2/pub
 +
echo "test" > /var/ftp_site2/pub/content
 +
 +
'''Step 3. Modify the existing site to respond to the primary IP.'''
 +
 +
Edit /etc/xinetd.d/vsftpd, and add the config line:
 +
bind = 192.168.1.2
 +
 +
'''Step 4. Create the new site, responding on the virtual IP.'''
 +
cp /etc/xinetd.d/vsftpd /etc/xinetd.d/vsftpd2
 +
Edit vsftpd2, and change<br/>
 +
- The bind line to refer to the IP address 192.168.1.10<br/>
 +
- Add the line<br/>
 +
server_args = /etc/vsftpd_site2.conf<br/>
 +
This launches this FTP site with a different vsftpd configuration file.
 +
cp /etc/vsftpd.conf /etc/vsftpd_site2.conf
 +
Add two lines:
 +
ftp_username=ftp_site2
 +
ftpd_banner=This is the alternative FTP site.
 +
'''Step 5. Restart xinetd and test!'''
 +
/etc/rc.d/init.d/xinetd restart
 +
 +
[chris@localhost vsftpd]$ ftp 192.168.1.2
 +
Connected to 192.168.1.2 (192.168.1.2).<br/>
 +
220 ready, dude (vsFTPd 1.1.0: beat me, break me)<br/>
 +
Name (192.168.1.2:chris): [chris@localhost vsftpd]$<br/>
 +
[chris@localhost vsftpd]$ ftp 192.168.1.2
 +
Connected to 192.168.1.2 (192.168.1.2).
 +
220 ready, dude (vsFTPd 1.1.0: beat me, break me)
 +
Name (192.168.1.2:chris):
 +
530 This FTP server is anonymous only.
 +
Login failed.
 +
ftp> quit
 +
221 Goodbye.
 +
 +
[chris@localhost vsftpd]$ ftp 192.168.1.10
 +
Connected to 192.168.1.10 (192.168.1.10).
 +
220 This is the alternative FTP site.<br/>
 +
Name (192.168.1.10:chris):<br/>
 +
530 This FTP server is anonymous only.<br/>
 +
Login failed.<br/>
 +
ftp>
 +
 +
Source: [ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-3.0.2/EXAMPLE/VIRTUAL_HOSTS/README vsftpd official web site]
 +
 +
 +
***ADDON***
 +
How to check ftp storage used using ftp client and CLI:
 +
 +
echo "du -hs" | lftp sftp://<user>:<pass>@ftp.example.com
 +
or
 +
echo "df -h" | sftp <user>@ftp.example.com #enter password up to request
 +
 +
 
[[Category:Linux]]
 
[[Category:Linux]]

Latest revision as of 14:10, 22 October 2018

First of all make sure you have the ports 20-21 opened in your firewall. If not, you can do so with the following commands:

iptables -t filter -A OUTPUT -p tcp --dport 20:21 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 20:21 -j ACCEPT
iptables-save >/etc/sysconfig/iptables
service iptables restart

How to install ftp server on Centos.

Install ftp server:

yum install vsftpd

Edit the config file /etc/vsftpd/vsftpd.conf. It is recommended to set the following strings like shown below:

anonymous_enable=NO
ascii_upload_enable=YES
ascii_download_enable=YES
chroot_local_user=YES

User root is not allowed to connect to ftp server by default for security reason. So create a new user, for example "user":

useradd user
passwd user

Enable vsftpd to start at boot

chkconfig vsftpd on

Start vsftpd service

service vsftpd start

Now your ftp server is operational and you can access it with ftp client like filezilla
User "user" has access to its home directory only, but if you want to open more directories you can do so by adding symlinks. For example you want to share a folder /files with user "user":

ln -s /files /home/user

Now we have a folder /home/user/files which is actually a link to /files. Now set permitions to the folder /files. In order to grant full access to this folder issue following:

chmod 777 /files

You also can use 'mount' to create a Symbolic Link instead of using the 'ln -s' command. It's better coz there is no permissions issues and you can add it to autostart. For create mount:

 mount /files /home/user --bind --rw

If you want that is was mounted automatically during boot add the next line to the /etc/fstab:

 /files /home/user auto rw,bind 0 0


How to install ftp server on Debian.

Install ftp server:

aptitude install proftpd

User root is not allowed to connect to ftp server by default for security reason. So create a new user, for example "user":

adduser user

Now your ftp server is operational and you can access it with ftp client like filezilla. Proftpd is set to start at boot by default.
In order to adjust the configuration to your needs, edit the /etc/proftpd/proftpd.conf file.

How to install ftp server on Ubuntu.

Install ftp server:

apt-get install vsftpd

If you're getting error:

root@test:~# apt-get install vsftpd
Reading package lists... Done
Building dependency tree... Done
E: Unable to locate package vsftpd

do following:

apt-get update

In order to adjust the configuration to your needs, edit the /etc/proftpd/proftpd.conf file. To allow anonymuos connections, edit following lines:

anonymous_enable=Yes
#local_enable=YES

To deny anonymous connections, edit following lines:

anonymous_enable=NO
local_enable=YES

To disable write-protection, uncomment following line:

write_enable=YES

In case when anonymous connections are disabled you should create a new user because user root is not allowed to connect to ftp server by default for security reason. To create a new user "user" enter the command:

adduser user

Now your ftp server is operational and you can access it with ftp client like filezilla. vsftpd is set to start at boot by default.

How to configure ftp virtual host

Virtual hosting is where different clients access your machine on different IP addresses (virtual IPs) and get redirected to different ftp sites.
For example, if your machine responds to two IPs - 127.0.0.1 and 127.0.0.2, you could have the two different IPs represent two totally different FTP sites.
For this example, we are going to build on the "INTERNET_SITE" example.

Step 1. Set up a virtual IP address.

ifconfig eth0:1 192.168.1.10 up

(the standard IP address is 192.168.1.2)
(note - this isn't quite complete, the route for local connects hasn't been
added, but it will do for now)

Step 2. Create a user / location for the new virtual site.

useradd -d /var/ftp_site2 ftp_site2
chown root.root /var/ftp_site2
chmod a+rx /var/ftp_site2
umask 022
mkdir /var/ftp_site2/pub
echo "test" > /var/ftp_site2/pub/content

Step 3. Modify the existing site to respond to the primary IP.

Edit /etc/xinetd.d/vsftpd, and add the config line:

bind = 192.168.1.2

Step 4. Create the new site, responding on the virtual IP.

cp /etc/xinetd.d/vsftpd /etc/xinetd.d/vsftpd2

Edit vsftpd2, and change
- The bind line to refer to the IP address 192.168.1.10
- Add the line

server_args = /etc/vsftpd_site2.conf

This launches this FTP site with a different vsftpd configuration file.

cp /etc/vsftpd.conf /etc/vsftpd_site2.conf

Add two lines:

ftp_username=ftp_site2
ftpd_banner=This is the alternative FTP site.

Step 5. Restart xinetd and test!

/etc/rc.d/init.d/xinetd restart
[chris@localhost vsftpd]$ ftp 192.168.1.2
Connected to 192.168.1.2 (192.168.1.2).
220 ready, dude (vsFTPd 1.1.0: beat me, break me)
Name (192.168.1.2:chris): [chris@localhost vsftpd]$
[chris@localhost vsftpd]$ ftp 192.168.1.2 Connected to 192.168.1.2 (192.168.1.2). 220 ready, dude (vsFTPd 1.1.0: beat me, break me) Name (192.168.1.2:chris): 530 This FTP server is anonymous only. Login failed. ftp> quit 221 Goodbye.
[chris@localhost vsftpd]$ ftp 192.168.1.10
Connected to 192.168.1.10 (192.168.1.10).
220 This is the alternative FTP site.
Name (192.168.1.10:chris):
530 This FTP server is anonymous only.
Login failed.
ftp>

Source: vsftpd official web site


      • ADDON***

How to check ftp storage used using ftp client and CLI:

echo "du -hs" | lftp sftp://<user>:<pass>@ftp.example.com

or

echo "df -h" | sftp <user>@ftp.example.com #enter password up to request