root@nirav:~# yum install vsftpd
root@nirav:~# cp -p /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.orig
root@nirav:~# vim /etc/vsftpd/vsftpd.conf
#Disable anonymous login
Comment the below line
#anonymous_enable=YES
OR
anonymous_enable=NO
#Enable the custom logs. By default, the xferlog file contains logging information from the FTP server daemon.
xferlog_std_format=NO
log_ftp_protocol=YES
# You may specify an explicit list of local users to chroot() to their home directory. If chroot_local_user is YES, then this list becomes a list of users to NOT chroot().
chroot_local_user=YES
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd/chroot_list
# When "listen" directive is enabled, vsftpd runs in standalone mode and listens on IPv4 sockets.
listen=YES
# Disable listening on IPv6 sockets. By default, listening on the IPv6 "any" address (::) will accept connections from both IPv6 and IPv4 clients.
listen_ipv6=NO
#To configure passive mode for vsftpd you need to set some parameters
pasv_enable=YES
pasv_max_port=24200
pasv_min_port=24000
port_enable=YES
pasv_address=xxxx.xxxx.xxxx.xxxx ( Public or Elastic IP Address )
root@nirav:~# vim /etc/vsftpd/chroot_list
Add the lists of users you want to be chrooted to their directory.
nirav
root@nirav:~# systemctl enable vsftpd.service
root@nirav:~# systemctl start vsftpd.service
No comments:
Post a Comment