[Gentoo Linux]Installing and Configuring vsftpd

Last update on August 20, 2009 10:57 AM by jak58
Published by jak58

[Gentoo Linux]Installing and Configuring vsftpd






Vsftpd is an FTP server, which can be easily install and used
  • To install under Gentoo, you must run the command: 

emerge vsftpd
  • Once installed, it is possible to start the Daemon using /etc/init.d/vsftpd start
  • You can program it to launch at start up your machine using rc-update add vsftpd default.

Configuration


The configuration of vsftpd is mainly done by changing the settings in /etc/vsftpd/vsftpd.conf

Configuration using ssl


To configure the use of ssl, it must generate an ssl certificate as follows: 
/etc/ssl/certs/openssl req -x509 -nodes -days 7300 -newkey rsa:2048 \
  -keyout /etc/ssl/certs/vsftpd.pem -out /etc/ssl/certs/vsftpd.pem


You must carefully follow the steps during creation of certificate by providing the necessary information.
It must then return the configuration file /etc/vsftpd/vsftpd.conf by incorporating the following parameters: 


#Activate ssl
ssl_enable=YES

#Choose to enable or disable anonymous access via ssl
# allow_anon_ssl=NO

#This parameter must be enabled to run ssl
ssl_tlsv1=YES

#Optional parameters 
force_local_logins_ssl=YES
ssl_sslv2=YES
ssl_sslv3=YES

Management of virtual users authentication with PAM


It requires:
Create a text file at /etc/vsftpd/ containing the list of users to create their passwords with the following structure: 

User1 
Password1
User2 
Password2
... 
UtilisateurX 
Passwordx


Note that: the file must end with a newline.
Generate the user database from this file: 

DbX.Y_load -T -t hash -f /etc/vsftpd/users.txt /etc/vsftpd/users.db


Note that it is necessary to install the library dbx-util via the command: 
emerge db


Where X.Y is the version.
    • Then we must protect the database 


chmod 600 /etc/vsftpd/users.db
    • Add to the file /etc/pam.d/vsftpd the two lines 


auth required /lib/security/pam_userdb.so db=/etc/vsftpd/users
account required /lib/security/pam_userdb.so db=/etc/vsftpd/users
  • Note that to install if not already on the library via the pam_userdb

emerge pam_userdb
.
To identify users using the /etc/passwd and database PAM, add the following lines: 

auth sufficient pam_unix.so
account sufficient pam_unix.so
  • Edit the file vsftpd.conf to add the parameters: 


llocal_enable=YES
chroot_local_user=YES
guest_enable=YES
guest_username=ftpuser


Note that the virtual users have the same privileges as anonymous users. In order to have write access to the shared folder, in addition to the option: 

write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
Best answers for « Installing and Configuring vsftpd » in :
Installing a light HTTP Proxy Server (TINYPROXY) Show Installing a light HTTP Proxy Server (TINYPROXY) Installation Configuration Port Address Authorisation Logs Other Squid is a proxy server for bigger networks (enterprises, etc..) Can be also installed on smaller local...
Installing DB2 Express V9 Show Installing DB2 Express V9 Prerequisites Installation Configuration Here below is a guide for the installation of DB2 Express V9.5 available from IBM. Prerequisites First of all download the version to install from the following...
[Debian] Debian GNU/Linux 4.0 AMD64 - Installing Skype Show [Debian] Debian GNU/Linux 4.0 AMD64 - Installing Skype Downloading Skype Installation Configuring Skype Downloading Skype mkdir /home/lami20j/src cd /home/lami20j/src wget http://www.skype.com/go/getskype-linux...
The autocompletion C/C + + in vim ShowThe autocompletion C/C + + in vim Installation Configuration Use Links This tutorial is for people who use Vim under Windows or Linux. Here, I will instead direct the tutorial for those running Linux. Introduction The auto...
Scanning a Debian-based network with Nessus ShowScanning a Debian-based network with Nessus Introduction Installation Configuration Starting Nessus Server Using the Nessus client Notes Nessus is a network scanner that tries to detect potential security vulnerabilities in the...
[Gentoo Linux] Installing and configuring Java Show[Gentoo Linux] Installing and configuring Java Installing JDK Configuring the JVM The Gentoo Linux distribution offers a range of JRE and JDK environments. To install them simply procede as follows: Installing JDK To start the...
Download Windows Installer ShowMicrosoft WindowsIinstaller is a service of installation and application configuration, allowing to manage the applications containing the MSI extension MSI. Windows Installer 3.1 is a secondary update of Windows Installer 3.0 published in...
Download Ext2 Installable File System ShowIf you currently have Windows running and you realize that you need some files for your work which you have stored on an Ext2 volume of your Linux installation, you no longer have to shut down Windows and boot Linux! Furthermore, Windows will now...
Download Advanced Windows Unattended Installer Show
Installing a network adapter ShowPurpose The purpose of this article is to set up a network to enable data exchanges between computers, resource sharing and network games. Is it therefore necessary to install a network card in each computer that may be part of the local area...
Installing a network card ShowGoal The goal is to set up a network in order to exchange data or play games on the network. Thus, it is necessary to install a network card on every computer that may become part of the LAN. The purpose of this tutorial is to help you to install a...
Intranet - Installing a mail server ShowIntroduction to installation The most commonly used e-mail server in Linux is Sendmail; however, as it is very hard to configure, we will use Qmail, an alternative e-mail server, instead. Qmail is made up of a group of programs that work with...
They need your help