Project

General

Profile

Support #587

Install VSFTPD on FreeBSD

Added by Daniel Curtis over 9 years ago. Updated over 9 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
File Server
Target version:
Start date:
03/26/2015
Due date:
% Done:

100%

Estimated time:
1.00 h
Spent time:

Description

This is a guide for setting up VSFTPD on FreeBSD.

Setting up the Environment

  • Start by making sure everything is up to date:
    pkg update && pkg upgrade
    portsnap fetch extract
    
  • Install portmaster:
    cd /usr/ports/ports-mgmt/portmaster
    make install clean
    pkg2ng
    
  • Install py-htpasswd:
    portmaster security/py-htpasswd
    

Install VSFTPD

  • Install VSFTPD:
    portmaster ftp/vsftpd
    
  • In order to be able to authenticate FTP users properly, install the security/pam_pwdfile port:
    portmaster security/pam_pwdfile
    

Configuration of vsftpd

First we will configure vsftpd, so it is able to authenticate our FTP users - the information about the FTP users will be stored in the /usr/local/etc/vsftpd_login.db file, which we will later populate with some user accounts.

  • Now create the /etc/pam.d/vsftpd file,
    vi /etc/pam.d/vsftpd
    
    • And add/modify the following lines:
      auth required /usr/local/lib/pam_pwdfile.so pwdfile /usr/local/etc/vsftpd_login.db
      account required /usr/lib/pam_permit.so
      
  • Create the virtual user for our vsftpd setup:
    adduser -v
    
    • Example output:
      Username: virtual
      Full name: Virtual FTP user
      Uid (Leave empty for default):
      Login group [virtual]:
      Login group is virtual. Invite virtual into other groups? []:
      Login class [default]:
      Shell (sh csh tcsh bash rbash nologin) [sh]: nologin
      Home directory [/home/virtual]:
      Use password-based authentication? [yes]:
      Use an empty password? (yes/no) [no]:
      Use a random password? (yes/no) [no]:
      Enter password:
      Enter password again:
      Lock out the account after creation? [no]:
      Username   : virtual
      Password   : *****
      Full Name  : Virtual FTP user
      Uid        : 1007
      Class      :
      Groups     : virtual
      Home       : /home/virtual
      Shell      : /usr/sbin/nologin
      Locked     : no
      OK? (yes/no): yes
      adduser: INFO: Successfully added (virtual) to the user database.
      Add another user? (yes/no): no
      Goodbye!
      
  • Now edit the configuration file vsftpd:
    /usr/local/etc/vsftpd.conf
    
    • Add or modify the following parameters. Below is just a sample configuration file that I've used for my private FTP server. Please refer to the manual pages of vsftpd(8) and vsftpd.conf(5) for more information about the configuration options that you might want to include.
      anonymous_enable=NO
      anon_upload_enable=YES
      anon_mkdir_write_enable=YES
      anon_other_write_enable=YES
      anon_world_readable_only=NO
      
      listen=YES
      background=YES
      
      max_clients=200 # change these to whatever you wish
      max_per_ip=5
      
      write_enable=YES
      local_enable=YES
      pam_service_name=vsftpd
      
      xferlog_enable=YES
      local_root=/home/virtual
      
      chroot_local_user=YES
      allow_writeable_chroot=YES
      secure_chroot_dir=/usr/local/share/vsftpd/empty/
      dirmessage_enable=YES
      virtual_use_local_privs=YES
      
      pasv_enable=YES
      pasv_min_port=50000
      pasv_max_port=50999
      
      guest_enable=YES
      guest_username=virtual
      
      ls_recurse_enable=YES
      ascii_download_enable=NO
      ascii_upload_enable=NO
      

Adding Users

In order to create a user for our vsftp setup we will use the htpasswd tool, and we will keep the user details in the /usr/local/etc/vsftpd_login.db file.

  • Create the password database and create a user:
    htpasswd.py -c -b /usr/local/etc/vsftpd_login.db bob SuperSecretPassword
    
  • Secure the password file:
    chmod 0600 /usr/local/etc/vsftpd_login.db
    
  • In order to add new users, after you've created the password database:
    htpasswd.py -b /usr/local/etc/vsftpd_login.db alice SecretPassword
    
  • Start and enable vsftpd at boot:
    echo 'vsftpd_enable="YES"' >> /etc/rc.conf
    service vsftpd start
    

Resources

#1

Updated by Daniel Curtis over 9 years ago

  • Description updated (diff)
  • Status changed from New to In Progress
  • % Done changed from 0 to 30
#2

Updated by Daniel Curtis over 9 years ago

  • Description updated (diff)
#3

Updated by Daniel Curtis over 9 years ago

  • Description updated (diff)
#4

Updated by Daniel Curtis over 9 years ago

  • Description updated (diff)
  • % Done changed from 30 to 60
#5

Updated by Daniel Curtis over 9 years ago

  • Description updated (diff)
  • Status changed from In Progress to Resolved
  • % Done changed from 60 to 100
#6

Updated by Daniel Curtis over 9 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF