-
-
Save mayurah/0db419387b3e0dde9d91 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
=== VSFTPd with chroot and nginx compatibility === | |
* curator: Mayur Pipaliya [ mayur {at} pipaliya {dot} com ] | |
* copyleft (ɔ) distribute, alter and use at your own risk. | |
* apply necessary alternation accordingly. | |
~~ Install vsftpd, nginx & nano editor ~~ | |
$ sudo apt-get install vsftpd nginx nano | |
* To create user files, enable root by default and adding banner file. | |
$ sudo echo root >> /etc/vsftpd.chroot_list | |
$ sudo echo root >> /etc/vsftpd.user_list | |
$ sudo echo vsftpd to rescue! > /etc/vsftpd.banner | |
* To backup & add vsftpd configuration | |
$ sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.bak && sudo echo > vsftpd.conf | |
$ sudo nano /etc/vsftpd | |
-- vsftpd config snap -- | |
listen=YES | |
anonymous_enable=NO | |
local_enable=YES | |
write_enable=YES | |
local_umask=022 | |
dirmessage_enable=YES | |
use_localtime=YES | |
xferlog_enable=YES | |
connect_from_port_20=YES | |
xferlog_std_format=NO | |
chroot_local_user=NO | |
chroot_list_enable=YES | |
chroot_list_file=/etc/vsftpd.chroot_list | |
banner_file=/etc/vsftpd.banner | |
userlist_enable=YES | |
userlist_deny=NO | |
pam_service_name=vsftpd | |
allow_writeable_chroot=YES | |
pasv_enable=Yes | |
pasv_max_port=40000 | |
pasv_min_port=40100 | |
pasv_addr_resolve=YES | |
# ssl_enable=Yes | |
pasv_address=0.0.0.0 | |
listen_port=21 | |
-- /vsftpd config snap -- | |
~ To Add FTP User & associate it with domain | |
** "/var/www/domain1.com" is home directory for domain 'domain1.com' and ftpuser named as `domain1` | |
** Assuming we are having nginx web server, ftp user should be under group 'nginx' to comply with user/group permissions. | |
$ sudo mkdir /var/www/domain1.com | |
$ sudo useradd --home /var/www/domain1.com --group nginx --shell /bin/sh domain1 | |
$ sudo chmown -R domain1:nginx /var/www/domain1.com | |
$ sudo echo domain1 >> /etc/vsftpd.chroot_list | |
$ sudo echo domain1 >> /etc/vsftpd.user_list | |
* Setting up password | |
$ sudo passwd domain1 | |
--- | |
* To debug vsftpd | |
$ sudo tail -f /var/log/vsftpd.log | |
* To restart vsftpd | |
$ sudo service vsftpd restart | |
* To check vsftpd status | |
$ sudo netstat -tunpl | grep vsftpd && ps aux | grep vsftpd |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment