The first one is user_sub_token in the local_root directory path. There are a few new values that you should also add to the bottom of the file.Keep in mind that there are two lines like this, and you have to uncomment both of them. You also need to uncomment chroot to ensure that the FTP user only accesses files within the allowed directory.In the same file, we will remove # (uncomment) and make sure we enable the write_enable. anonymous_enable=NO # Uncomment this to allow local users to log in. # Allow anonymous FTP? (Disabled by default). Verify that the content has similar settings to this. To begin, use the nano command to open vsftpd configuration file. The two key configurations required for this are already set in the configuration ( nf) file. In this example, we will allow a single user to connect using a local shell account. The next step is to configure vsftpd and our FTP access. Sudo chown hostinger:hostinger /home/hostinger/ftp/filesįinally, add a test file to the directory which will be used when we test everything later on: echo "vsftpd sample file" | sudo tee /home/hostinger/ftp/files/sample.txt Next, we will create the file-holding directory and assign ownership:.ĭrwxr-xr-x 3 hostinger hostinger 4096 Oct 8 11:32. The output should look something like: total 8ĭr-xr-xr-x 2 nobody nogroup 4096 Oct 8 11:32. Now, use the following command to verify the permissions: sudo ls -la /home/hostinger/ftp Then, set the ownership using: sudo chown nobody:nogroup /home/hostinger/ftpįinally, remove the write permission: sudo chmod a-w /home/hostinger/ftp Use the following command to create the FTP folder:.It contains a writable directory that will be responsible for holding the required files. Instead, we will make an ftp directory which acts as chroot. To fix this, we don’t have to remove write privileges from the home folder. However, it is possible that because of vsftpd security, a user might not be able to write to that directory. That is why vsftpd uses chroot jails, which limits a local user to their home directory by default. Ideally, FTP should be restricted to one specific directory for security purposes. Then, enter a password for the user and fill in all the required details.Remember to change the username according to your own preference. Once the firewall is set up, we must create the user who is going to use the FTP access.The output should look something like this: Status: active port 990 will be used when TLS is enabled.ports 40000:50000 will be reserved for the range of passive ports that will eventually be set in the configuration file.Sometimes, this option is enabled by default. OpenSSH is required if you still wish to access your server via SSH. This series of commands will open up several ports: To do that, execute the following commands one by one:
0 Comments
Leave a Reply. |