Differences

This shows you the differences between the selected revision and the current version of the page.

--- howto:vsftpd 2009/02/04 23:11
+++ howto:vsftpd 2017/09/06 18:38 current
@@ Line 2: / Line 2: @@
 I like "vim" as my editor and have that installed so I will use that but feel free to use any other editor like "joe" if you feel more comfortable with it. Thanks to fonz for helping me out with my installation. This wouldn't be possible without him!
-====== Why USE VSFTP? ======
-Well you may have a different reason but mine was that I simply wanted more control over my ftp client and I wanted to force my users to use some sort of encryption. I have the DNS-321 which is a great little device and according to my reading these instructions should work for the dns-323 and well any CH3SNAS device.
+====== Why Use VSFTP? ======
+Well, you may have a different reason but mine was that I simply wanted more control over my ftp client. I also wanted to force my users to use some sort of encryption. I have the DNS-321 which is a great little device and according to my reading these instructions should work for the DNS-323, DNS-343, and probably any CH3SNAS device.
-====== How to vsftpd ======
-First step is of course install fun-plug.
-You can find the wiki [[http://wiki.dns323.info/howto:fun_plug]]  and that should get you going.
+====== How to Set Up VSFTPD ======
-or you can use these instructions [[http://www.iterasi.net/openviewer.aspx?sqrlitid=1hqeasef7eavz8rdkus60a]] which were the original ones I used.
+The first step is to install fun_plug. You can find the wiki [[http://dns323.kood.org/]] and that should get you going.
+Or you can use these instructions [[http://www.iterasi.net/openviewer.aspx?sqrlitid=1hqeasef7eavz8rdkus60a]] which were the original ones I used.
@@ Line 92: / Line 93: @@
 By the way these must be real users on your box. If they dont exist you must create them.
-====== Adding Users to your box ======
-You can check which users exist in your box by seeing the contents of your /etc/passd file
+====== Adding Users to Your Box ======
-By default after installation of fun-plug yours should look like this
+You can check which users exist on your box by seeing the contents of your /etc/passwd file.
+After installation of fun_plug, your default user list should look like this:
 <code bash>
@@ Line 106: / Line 108: @@
 </code>
-now we add a user using the useradd command heres a brief example
+Now we add a user via the useradd command. Here is an example:
 -d = home directory this is where your user will be chrooted
 -s = shell /bin/sh is like a false shell to my understanding
@@ Line 113: / Line 115: @@
 useradd bob
 passwd bob  (enter your password twice)
-usermod - d /mnt/HD_a2/bob
+usermod -d /mnt/HD_a2/bob bob
-usermod -s /bin/sh
+usermod -s /bin/sh bob
 </code>
-Ok now we added our user bob so we can see the /etc/passwd file has changed.
+Ok now user bob is added, so we can see the /etc/passwd file has changed:
 <code bash>
@@ Line 129: / Line 131: @@
-:!: But wait don't go too fast!
+:!: But wait! Don't go too fast!
-We need to save our changes because if we reboot now that user we just added will go bye-bye.
+We need to save our changes because if we reboot now that new user go bye-bye. Save changes with:
 <code bash>
@@ Line 137: / Line 139: @@
-Ok at this point we have our users, user_list and chrootlist files, our log directory set up, our chroot directory set up, and the pachkage installed. The last thing that needs to be done is to set up the certificate file and key, configure the server and write our startup script. We are almost there I promise.
+Now we have our users, user_list, and chrootlist files, our log directory set up, our chroot directory set up, and the package installed. The last things that need to be done are to set up the certificate file and key, configure the server, and write our startup script. We are almost done, I promise.
 ====== To create your ssl key and crt files ======
@@ Line 148: / Line 148: @@
 <code bash>
 cd /ffp/pkg/
-rsync -av --delete inreto.de::dns323/fun-plug/0.5/packages/openssl-0.9.8h-1.tgz .
+rsync -av --delete inreto.de::dns323/fun-plug/0.5/packages/openssl-0.9.8k-1.tgz .
 </code>
 (note the version number at the time of my install this was the latest and greatest)
@@ Line 156: / Line 156: @@
 <code bash>
-funpkg -i openssl-0.9.8h-1.tgz
+funpkg -i openssl-0.9.8k-1.tgz
 </code>
@@ Line 223: / Line 223: @@
 This completes the SSL portion lets move on to the configuration
+====== Alternate Creation of SSL ======
+Another way to create the SSL is to use the following command:
+<code bash>
+openssl req -new -x509 -nodes -out vsftpd.pem -keyout vsftpd.pem
+</code>
@@ Line 251: / Line 259: @@
 xferlog_file=/ffp/var/log/vsftpdxf.log
 vsftpd_log_file=/ffp/var/log/vsftpd.log
 idle_session_timeout=600
 data_connection_timeout=120
 nopriv_user=nobody
 ascii_upload_enable=YES
 ascii_download_enable=YES
 ftpd_banner=Your Fancy Banner Here!
 #The following will allow you to put specific users in a chroot so that they cant move back from the chroot dir
 chroot_list_enable=YES
 #file to keep the chroot users
 chroot_list_file=/ffp/etc/vsftpd/vsftpd.chroot_list
 userlist_deny=NO
 userlist_enable=YES
 #file to keep all users able to access ftp
 userlist_file=/ffp/etc/vsftpd/vsftpd.user_list
 #background=YES
 #enable the listen to allow the ftp to listen we use this also so that we can write a startup script...
 listen=YES
 #pasv_promiscuous=YES
 pasv_enable=YES
 pasv_min_port=5000
 pasv_max_port=5500
 # You should not need this if you not going to use it through the web
 pasv_address=YOUR.PUBLIC.IP.HERE
 ls_recurse_enable=NO
 #finally force the ssl connection
 ssl_enable=YES
 allow_anon_ssl=NO
 force_local_data_ssl=YES
 force_local_logins_ssl=YES
 ssl_tlsv1=YES
 ssl_sslv2=YES
 ssl_sslv3=YES
 #point to your certificate and key
 rsa_cert_file=/ffp/etc/vsftpd/xxx.crt
 rsa_private_key_file=/ffp/etc/vsftpd/xxx.key
 </code>
@@ Line 301: / Line 309: @@
 </code>
-<code>
+<code bash>
 # vsftpd configuration file
 #
 # This file is for multiple users sharing the same ftp directory but such
 # that each user has his own login and the uploaded files are stored with
-# each user's userid
+# the userid of each user
 #
 # Anonymous access is turned off such that only local users can login
@@ Line 390: / Line 398: @@
 Now John and Jane share the same configuration. You can also make special files to each if you want.
@@ Line 418: / Line 427: @@
 name="vsftpd"
 command="/ffp/sbin/vsftpd"
-vsftpd_flags="/ffp/etc/vsftpd.conf >/dev/null 2>&1 </dev/null &"
+vsftpd_flags="/ffp/etc/vsftpd.conf"
 required_files="/ffp/etc/vsftpd.conf"
 start_cmd="vsftpd_start"
@@ Line 426: / Line 435: @@
   proc_start_bg "$command"
 }
+run_rc_command "$1"
 </code>

Differences

Views

Navigation

Personal Tools

Search

Toolbox