FTP Server Configuration
Most
common FTP server configuration is an anonymous-only FTP server that only
allows the anonymous client to download files, and disables all local users and
uploads. In order to configure this, some changes will need to be made to the
vsftpd configuration.
An FTP
deployment best practice is to turn off local user access. When users
authenticate to transfer files to /from a system with FTP, their account names
and passwords are vulnerable to an eavesdropping attacker. (If secure file
transfer is needed by users, the rsync command over SSH, or the SFTP service
provided by sshd are better choices.) Anonymous FTP by its nature is public,
and files provided through anonymous FTP are assumed to be public and not sensitive.
The
vsftpd configuration file is found in
/etc/vsftpd/vsftpd.conf and the document root is found in /var/ftp/.
When you make changes to the FTP server, do not forget to restart the service.
Make
user you understand the following options:
Anonymous_enable=YES: enables the anonymous ftp
server
Local_enable=NO: disable all non-anonymous local
user accounts
Write_enable=NO: disable any user from uploading
files to the FTP server
--- Cheers !!!
No comments:
Post a Comment