
@Kirens
Last active August 29, 2015 14:26
FTPS for debian wheezy on raspberry pi
#!/bin/sh
#automation of vsftpd installation as instructed by Justin Ellingwood @ DigitalOcean
#https://www.digitalocean.com/community/tutorials/how-to-configure-vsftpd-to-use-ssl-tls-on-an-ubuntu-vps
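# Prompt twice (without echo) for a password and store it in a global variable.
#
# Requires bash: `read -s`, `local` and `declare -g` (bash >= 4.2) are not
# available in a plain POSIX /bin/sh such as dash, so run this file with bash.
#
# Arguments: $1 - name of the global variable that receives the password
# Returns:   0 once a non-empty, confirmed password has been stored;
#            1 if no variable name was given or input ended before that
pwd_prompt() {
  [ -z "$1" ] && return 1
  local first second
  while :; do
    # A failed read (EOF) must not be mistaken for two matching empty
    # passwords, and must not loop forever either.
    read -r -s -p "Enter Password: " first || return 1
    echo
    read -r -s -p "Retype Password: " second || return 1
    echo
    if [ -z "$first" ]; then
      echo "Password must not be empty, please try again"
    elif [ "$first" != "$second" ]; then
      # Do not print the entered values: that would put both passwords in
      # clear text on the terminal and in any captured output.
      echo "Passwords do not match, please try again"
    else
      break
    fi
  done
  declare -g "$1=$first"
}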
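# Ensure that FILE contains the line "CMD=VALUE".
#
# The first line that sets CMD (optionally commented out with a single '#')
# is replaced; if there is none, the setting is appended.
#
# Arguments: $1 - option name
#            $2 - option value
#            $3 - configuration file to edit in place
# Returns:   0 if the file contains the exact line afterwards, non-zero otherwise
#
# NOTE(review): only the first matching line is rewritten; a later duplicate of
# the same option is left untouched.
add_option() {
  local CMD=$1
  local VALUE=$2
  local FILE=$3
  local wanted="$CMD=$VALUE"
  local key_re match line_no found escaped

  # Escape BRE metacharacters so the option name is matched literally.
  key_re=$(printf '%s' "$CMD" | sed 's/[][\.*^$]/\\&/g')

  match=$(grep -n -m 1 -- "^#\{0,1\}[[:space:]]*${key_re}=" "$FILE")
  if [ $? -ne 0 ]; then
    # Data goes through %s so a '%' in the value is not read as a format.
    printf '\n#Added by init script\n%s\n' "$wanted" >> "$FILE"
  else
    line_no=${match%%:*}
    found=${match#*:}
    if [ "$found" = "$wanted" ]; then
      return 0
    fi
    # Address the line by number instead of using its text as a sed pattern:
    # existing values such as file paths contain '/', which broke the address.
    escaped=${wanted//\\/\\\\}
    sed -i "${line_no}c\\${escaped}" "$FILE"
  fi

  # Verify with an exact, fixed-string, whole-line match.
  grep -q -x -F -- "$wanted" "$FILE"
}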
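# Apply a list of settings through add_option and report each result.
#
# Arguments are read in pairs. The pair "-F <file>" selects the file that the
# following "<option> <value>" pairs are written to. Processing stops at the
# first empty or missing value, so a trailing unpaired argument is ignored.
#
# If any setting could not be written the user is asked whether to continue;
# answering N (or end of input) exits the whole script with status 1.
#
# Returns: 0 if every setting was written, 1 otherwise
add_options() {
  local FILE
  local FAILED=0
  local cmd val choice

  while [ "$#" -ge 2 ] && [ -n "$2" ]; do
    cmd=$1
    val=$2
    shift 2
    if [ "$cmd" = "-F" ]; then
      FILE=$val
    elif add_option "$cmd" "$val" "$FILE"; then
      # Values are passed as printf arguments so they are printed verbatim.
      printf 'Line written: \e[94m%s=%s\e[39m (%s)\n' "$cmd" "$val" "$FILE"
    else
      printf '\e[31mLine not written: \e[94m%s=%s\e[39m (%s)\n' "$cmd" "$val" "$FILE"
      FAILED=1
    fi
  done

  if [ "$FAILED" -eq 1 ]; then
    while :; do
      # End of input counts as "no": without a terminal the prompt would
      # otherwise repeat forever.
      if ! read -r -p "Some options was not changed, proced anyway? [Y/N] " choice; then
        exit 1
      fi
      case "$choice" in
        y|Y) break ;;
        n|N) exit 1 ;;
      esac
    done
  fi
  return "$FAILED"
}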
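# NOTE: the helper functions in this file use bash-only features (`function`,
# `local`, `declare -g`, `read -s`), so run the script with bash; the
# `#!/bin/sh` shebang does not work where sh is dash.

# First parameter overrides the default username. A dedicated variable is used
# so the exported $USER of the invoking shell is not overwritten for the
# child processes started below.
FTP_USER="ftpuser"
[ -z "$1" ] || FTP_USER="$1"

# Install packages
apt-get install vsftpd
STATUS=$?
if [ "$STATUS" -ne 0 ]; then
  echo -e "\e[31mInstallation error ($STATUS), aborting!"
  exit 1
fi

# Stop the daemon while the configuration is being changed
/etc/init.d/vsftpd stop
STATUS=$?
if [ "$STATUS" -ne 0 ]; then
  echo -e "\e[31mCould not stop vsftp deamon ($STATUS), aborting!"
  exit 1
fi

# Base configuration: no anonymous access, local users confined to their home
CONF_FILE=/etc/vsftpd.conf
add_options -F "$CONF_FILE" anonymous_enable NO local_enable YES write_enable YES chroot_local_user YES

# Add the FTP user
useradd "$FTP_USER"
STATUS=$?
if [ "$STATUS" -ne 0 ]; then
  echo -e "\e[31mCould not create user ($STATUS), aborting!"
  exit 1
fi

echo "An ftp-user, named $FTP_USER, will be created. Please select a password!"
# Refuse to continue without a password: an empty value handed to chpasswd
# would leave the new account with an empty password.
if ! pwd_prompt USR_PWD || [ -z "$USR_PWD" ]; then
  echo -e "\e[31mCould not read a password, aborting!"
  exit 1
fi
# printf is a builtin (the password never appears in a process argument list)
# and, unlike echo, does not interpret backslashes in the password.
printf '%s:%s\n' "$FTP_USER" "$USR_PWD" | chpasswd
STATUS=$?
unset USR_PWD
if [ "$STATUS" -ne 0 ]; then
  echo -e "\e[31mCould not set user password ($STATUS), aborting!"
  exit 1
fi
echo -e "\e[92mftp-user created successfully!"

# Make sure the home folder exists (useradd is called without -m)
if [ ! -d "/home/$FTP_USER" ]; then
  mkdir "/home/$FTP_USER"
fi

# The chroot top directory stays owned by root; the user only gets a writable
# subfolder for uploads.
chown root:root "/home/$FTP_USER"
mkdir -p "/home/$FTP_USER/uploads"
chown "$FTP_USER:$FTP_USER" "/home/$FTP_USER/uploads"

# Self-signed certificate and key in a single PEM file.
# 2048-bit RSA instead of 1024-bit: 1024-bit keys are no longer considered
# adequate. -nodes leaves the private key unencrypted so the daemon can start
# unattended, which is why the file is created under a restrictive umask and
# its mode is forced to 600 afterwards.
CERT_FILE=/etc/ssl/private/vsftpd.pem
(
  umask 077
  openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout "$CERT_FILE" -out "$CERT_FILE"
)
STATUS=$?
if [ "$STATUS" -ne 0 ]; then
  echo -e "\e[31mCould not create certificate ($STATUS), aborting!"
  exit 1
fi
chmod 600 "$CERT_FILE"

# TLS settings.
# - allow_anon_ssl was listed twice (NO, then YES), which left it at YES; the
#   second entry is now force_local_data_ssl so data connections of local
#   users are required to use TLS as well as the login.
# - require_ssl_reuse NO relaxes the requirement that data connections reuse
#   the control connection's TLS session; it is kept for client compatibility.
# - ssl_tlsv1 enables TLS 1.0 only, which is dated; on a newer vsftpd prefer
#   the options for newer protocol versions if the installed release has them.
add_options -F "$CONF_FILE" rsa_cert_file "$CERT_FILE" rsa_private_key_file "$CERT_FILE" \
  ssl_enable YES allow_anon_ssl NO force_local_data_ssl YES force_local_logins_ssl YES ssl_tlsv1 YES ssl_sslv2 NO \
  ssl_sslv3 NO require_ssl_reuse NO ssl_ciphers HIGH

# Restart with the new configuration
service vsftpd restart
STATUS=$?
if [ "$STATUS" -ne 0 ]; then
  echo -e "\e[31mCould not restart vsftp deamon ($STATUS), aborting!"
  exit 1
fi
echo -e "\e[92mInstallation done!"

# Show the listening FTP socket and the address of eth0
netstat -npl | grep :21
ifconfig eth0 | grep 'inet addr:'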