blog.up-link.ro android bsd linux unix & open-source world

5Apr/106

How To Set Up VSFTPD virtual users ( Berkeley DB + PAM )

vsftpd is a GPL licensed FTP server for UNIX systems, including Linux and FreeBSD. It is secure, stable and extremely fast.

vsftpd will handle:

  • Virtual IP configurations
  • Virtual users
  • Standalone or inetd operation
  • Powerful per-user configurability
  • Bandwidth throttling
  • Per-source-IP configurability
  • Per-source-IP limits
  • IPv6
  • Encryption support through SSL integration
  • etc...

If you are hosting several web sites, for security reasons, you may want the webmasters to access their own files only.  This article describes how you can install and configure vsftpd to work with virtual users.

A virtual user is a user login which does not exist as a real login on the system in /etc/passwd and /etc/shadow file. Virtual users can therefore be more secure than real users, because a compromised account can only use the FTP server but cannot login to system to use other services such as ssh, telnet or smtp.

Print This Post Print This Post
31Mar/100

How To Set Up a FTP server with ProFTPD in Ubuntu

File Transfer Protocol (FTP) is a network protocol used to exchange and manipulate files over a TCP/IP-based network. FTP is built on a client-server architecture and utilizes separate control and data connections between the client and server applications.

ProFTPD is a high-performance and scalable FTP server written from scratch, with a focus toward simplicity, security, and ease of configuration.

ProFTPD Features:

  • Single main configuration file, with directives and directive groups
  • Per directory “.ftpaccess” configuration similar to Apache's ".htaccess".
  • Easy to configure multiple virtual FTP servers and anonymous FTP services.
  • Anonymous FTP root directories do not require any specific directory structure, system binaries or other system files.
  • Designed to run either as a stand-alone server or from inetd/xinetd, depending on system load.
  • No SITE EXEC command. In modern Internet environments, such commands are a security nightmare. ProFTPD does not execute any external programs at any time. The source is available (and must always be available) for administrators to audit.
  • Hidden directories and files, based on Unix-style permissions or user/group ownership.
  • Runs as a configurable non-privileged user in stand-alone mode in order to decrease chances of attacks which might exploit its "root" abilities
  • Logging and utmp/wtmp support with extended logging available.
  • Shadow password suite support, including support for expired accounts.
  • Modular design, allowing server to be extended easily with modules. Modules have been written for SQL databases, SSL/TLS encryption, LDAP servers, RADIUS support, etc.
  • IPv6 support.
Print This Post Print This Post