VSFTP
Installation phase
- Login to the server using Root account.
- Install from the RHEL 5.4 DVD the following RPM:
rpm -ivh vsftpd-2.0.5-16.el5.i386.rpm
- Create a group for FTP users:
groupadd ftp-users
- Create folder for the FTP:
mkdir -p /ftp
- Change ownership and permissions on the FTP folder:
chown root:ftp-users /ftp
chmod 777 -R /ftp - Example of user creation:
useradd -g ftp-users -d /ftp user1
passwd user1
- Edit using VI, the file /etc/vsftpd/vsftpd.conf
Change from:
anonymous_enable=YES
To:
anonymous_enable=NO
Change from:
xferlog_std_format=YES
To:
xferlog_std_format=NO
Change from:
#tftpd_banner=Welcome to blah FTP service.
To:
tftpd_banner=Secure FTP server
Add the lines bellow:
local_root=/ftp
userlist_file=/etc/vsftpd/user_list
userlist_deny=NO
vsftpd_log_file=/var/log/vsftpd.log
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
ssl_ciphers=ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
rsa_cert_file=/etc/vsftpd/vsftpd.pem
- Run the command bellow to create VSFTP SSL key:
openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/vsftpd/vsftpd.pem -out /etc/vsftpd/vsftpd.pem
Note: The command above should written as one line.
- Edit using VI, the file /etc/vsftpd/user_list and add members of the FTP-Users group to this list.
- Run the command bellow to manually start the VSFTP service:
/etc/init.d/vsftpd start
- Run the command bellow to configure the VSFTP to start at server startup:
chkconfig vsftpd on
Tinggalkan komentar