Scribd
Upload
73 views2 pages

The Anonymous FTP Directory Is - If You Want To Change It To Another Directory, Do: or in Some Cases: and Edit This Variable

Uploaded by

Rama
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
73 views2 pages

The Anonymous FTP Directory Is - If You Want To Change It To Another Directory, Do: or in Some Cases: and Edit This Variable

Uploaded by

Rama
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

FTP default directory change:

the anonymous FTP directory is /var/ftp/. If you want to change it to another directory, do:
sudo vi /etc/vsftpd.conf
or in some cases:
sudo vi /etc/vsftpd/vsftpd.conf
and edit this variable:
anon_root=/NewDirectoryPath/ftp/

Directive In Uses
Vsftpd.conf
 
anonymous_enable YES Controls whether anonymous logins are permitted or not.
If       enabled, both the usernames ftp and anonymous
are recognised as Anonymous logins.
local_enable YES Controls whether local logins are permitted or not. If
enabled,              normal user accounts in /etc/passwd (or
wherever your PAM config references) may be used to log
in. This must be enabling for any non-anonymous login to
work, including virtual users.
write_enable YES This controls whether any FTP commands which change
the file system are allowed or not. These commands are: 
STOR,  DELE,  RNFR,RNTO, MKD, RMD, APPE and SITE.
local_umask 022 The  value  that the umask for file creation is set to for
local

Users.
anon_upload_enable YES If set to YES, anonymous users will be permitted to upload
files Under certain conditions. For this to work, the option 
  write_enable must be activated, and the anonymous ftp
user must have write permission on desired upload
locations. This setting              is also required or virtual
But it users to upload; by default, virtual   users   are   treated
commented on with anonymous (i.e.  Maximally restricted) privilege.
file, need to
uncomment it.
anon_mkdir_write_enabl YES If set to YES, anonymous users will be permitted to 
e create  new Directories under certain conditions.  For this
  to work, the option write_enable must be activated, and
the anonymous ftp user must have write permission on
the parent directory.
But it
commented on
file, need to
uncomment it.
listen YES If enabled, vsftpd will run in standalone mode. This means
that Vsftpd must not be run from an inetd of some kind.
  Instead, the

Vsftpd executable is run once directly. Vsftpd itself will


then take care of listening for and handling incoming
connections.
 The following are some other options which you can add it in the file for more security.

                Directive options Description

userlist_enable YES/NO If enabled, vsftpd will load a list of usernames,


from the file name given by userlist_file. If a user
tries to log in using a name in this file, they will
be denied before they are asked for a password.
This may be useful in preventing cleartext
passwords being transmitted. See also
userlist_deny.
chroot_local_user YES/NO If set to YES, local users will be  (by  default) 
placed  in  a chroot()  jail  in  their  home
directory after login.  Warning: This option has
security plications, especially if the users have
upload permission, or shell access. Only enable if
you know What you are doing.  Note that these
security implications are Not vsftpd specific. They
apply to all FTP daemons which offer To put local
users in chroot() jails.
local_max_rate In kb          The maximum data transfer rate permitted, in
bytes per second, for local authenticated
Ex: users.              Default: 0 (unlimited)

local_max_rate=1000
anon_max_rate in kb The maximum data transfer rate permitted, in
bytes per second, for anonymous clients.             
Ex: Default: 0 (unlimited)

anon_max_rate=1000
no_anon_password YES/NO When  enabled, this prevents vsftpd from asking
for an anonymous password – the anonymous
user will log straight in.
Here, we will look only into our requirements. Let’s disable anonymous login
by editing the following entry in the config file.

anonymous_enable=NO
Allow local users to login in vsftpd.

local_enable=YES
Enable write access to local users.

write_enable=YES
Put the local users into “chroot jailed” so that they will be denied to access
any part of system files

chroot_local_user=YES
Allow chroot user to write.

allow_writeable_chroot=YES
Restart the vsftpd service.

# systemctl restart vsftpd.service


Set vsftpd to start at system boot.

# systemctl enable vsftpd.service

You might also like