FTP service setup
Setup vsftpd
sudo apt-get install vsftpd -y
Start vsftpd
- check whether the port 21 is working
sudo netstat -nltp | grep 21
- if the above not start, you can do it manually
sudo systemctl start vsftpd.service
- check whether the port 21 is working
Config the User directory
- make a directory
sudo mkdir /home/uftp
- make a welcome file
sudo touch /home/uftp/welcome.txt
- config user and create passwd
sudo useradd -d /home/uftp -s /bin/bash uftp
sudo passwd uftp
- remove the file to avoid login failed.
sudo rm /etc/pam.d/vsftpd
- make a directory
Do some limitation
- make the user only access the ftp instead of login the server
sudo usermod -s /sbin/nologin uftp
config again
sudo chmod a+w /etc/vsftpd.conf
# 限制用戶對主目錄以外目錄訪問 chroot_local_user=YES # 指定一個 userlist 存放允許訪問 ftp 的用戶列表 userlist_deny=NO userlist_enable=YES # 記錄允許訪問 ftp 用戶列表 userlist_file=/etc/vsftpd.user_list # 不配置可能導致莫名的530問題 seccomp_sandbox=NO # 允許文件上傳 write_enable=YES # 使用utf8編碼 utf8_filesystem=YES
- create the access file for user list
sudo touch /etc/vsftpd.user_list
sudo chmod a+w /etc/vsftpd.user_list
modify the user_list as followed:
uftp
- create the access file for user list
config the access authority
- the main dir only read
sudo chmod a-w /home/uftp
- the pulic dir can be read and wrote
sudo mkdir /home/uftp/public && sudo chmod 777 -R /home/uftp/public
- restart the service
sudo systemctl restart vsftpd.service
- make the user only access the ftp instead of login the server
Prepare the domain and just make the analyze ip then everything will be ok.