Making of FTP Server On Ubuntu Linux and the editing of FTP Config File


#1

Dear Sir,

Honestly And Heartily Requesting you is…

I have installed Ubuntu Linux thereafter installed vsftpd using apt-get install vsftpd. then I have seen service status of FTP server and FTP Config File herewith enclosed it. On FTP server, I have created users like this…

Username : mech Username : arch Username : ip Username : civil
Password : mech Password : arch Password : ip Password : civil

Remotely logging in to the FTP Server using these users only, not other users if others users are active, then how other users should be blocked?

Now My Questions are…

1) anonymous should be disabled in FTP Server
2) write_enable should be disabled in FTP server
3) only above users can access the stored information, no one should be upload.
4) how to keep softwares in FTP server, in which directory, particular user can access the particular softwares
Example:-suppose mech user can access the Ubuntu 64 bit ISO File only, not REDHAT Linux, in the same way, ip user can access REDHAT linux ISO file only, not Ubuntu 64 bit ISO. Its an Example.

I have no idea about whichone should be made YES and whichone should be made NO in FTP Config File.

I have No Idea about where to keep the softwares in FTP server.

Please Kindly Help me Sir,

Thanking you Sir,

Kind Regards,

Basavaraj From India.

is there button to attach my documents?


#2

Hi Basavaraj,

1) anonymous should be disabled in FTP Server

anonymous_enable=NO

2) write_enable should be disabled in FTP server

Can you be more clear about this what you mean !

3) only above users can access the stored information, no one should be upload.

create a new file called /etc/vsftpd.userlist and add all users :
mech
arch
ip
civil

One username per line. Then edit your config file and add:
userlist_file=/etc/vsftpd.userlist
userlist_enable=NO
local_enable=YES

The above will make sure that only your 4 users can access ftp server. Once you edited your ftp config you need to restart.

4) how to keep softwares in FTP server, in which directory, particular user can access the particular softwares

This will be in their home directory so for example your mech user will be /home/mech and arch /home/arch.

Hope this helps

Lubos


#3

Dear Sir,

I am very wholeheartedly thankful to you sir for giving me reply. There is Small problem in My FTP Server regarding the STATIC IP ADDRESS.

In our institute. we have DHCP server range is from 10.10.1.0 to 10.10.255.255… This DHCP Server gives IP Addresses to all computers including My “FTP Server Computer Ubuntu 12.04” Once we have got DHCP Address, you can access Internet in DHCP CLIENT COMPUTERS same way in FTP Server Computer. So Now Problem is… Every or couple of days after… FTP Server’s IP Address gets changed… then thereafter, I have statically configured IP Address in FTP Server in the same Range of DHCP Server…i.e. 10.10.80.180. Now By configuring Static IP Address, I can access Internet on FTP Server computer and also I can access other computers… other computers take IP Addressess from DHCP Server. Both FTP Server Static IP Address and other computers dynamically assigned IP Addresses are in same range.Therefore, communicating taking place without any Problem.

But Sometimes, my FTP Server does connect internet. Again I do reconfiguration and restart service. then It will work again normally. it happens every couple of days.

For that, is there anything needs to be done?

On Internet, Someone said that " you need to edit Network Manager file, in that " managed=true, default= false.
someone said that “you have to remove dhcp-client package from Computer, put Static IP Address Then it will be remain same static IP Address always” There is no conflict.

Sir, My Questions are…

is there solution for…Once I put IP Address statically it never gets changed. is there?

it should not be raised conflicts in IP Address.?

So many questions are there but how to express them…because my english is very poor.

Thanking you Sir,

Please help me in this regard…

Kind Regards,

Basavaraj From India.


#4

Dear Sir,

like this I have statically configured network interfaces

auto eth0
iface eth0 inet static

           address        10.10.80.180
           netmask        255.255.0.0 (as per my Knowledge default subnet mask Class A =255.0.0.0 ) In our CyberRoom Device,They have made subnet Mask 255.255.0.0
           network        10.10.80.0
           broadcast     10.10.80.255
           gateway       10.10.1.2

Edited the /etc/resolv.conf file by adding the 10.10.1.2 this is our DNS server Address.

nameserver 10.10.1.2
nameserver 208.67.222.222
nameserver 208.67.220.220

Once I did the above mentioned configuration, I get internet and everything.

after rebooting Ubuntu 12.04 FTP Server Computer, everything gets removed from resolv.conf. just like empty file. above IP Addresses will not be there and internet will not be there as well.

If I add again these IP Addresses in resolv.conf. then Internet starts again… it is happening like this.

Sir, You help is very very Important for me to learn these things. it is my honest request to you.

Thanking you,

Kind Regards,

Basavaraj From India.


#5

Dear Sir,

This is my wholeheartedly request to you to help me in this regard(Always). One Most important thing is that…I have kept a lot of hopes in you with intense faith and Devotion.

This is Basavaraj From India.


#6

Sorry Basavaraj, I’m quite busy currently with other things. Is this fixed now? Or you still need some help?


#7

Dear Sir,

Very honestly requesting you to help me…Sir Could you willingly help me Now?

I am totally spending my time on it.

So Please kindly do the help Step by Step

I am working on FTP Server Configuration…

Kind Regards,

Basavaraj From India.


#8

Hi,

Describe you current problem so we can help you.

thank you


#9

Dear sir,

default user account during the installation of Ubuntu is ‘teach’
newely created user account for testing FTP Server is ‘ubuntu’ This user has been added to /etc/vsftpd.userlist file.
added all these three lins
userlist_file=/etc/vsftpd.userlist
userlist_enable=NO
local_enable=YES

service restarted

after that remotely accessed both users but it should not be opened by teach user ---------is it correct sir?

Files are not getting attached here So Please tell me how to attache and Please me in details.

sir can you come online ? It would be great helpfull

I am really getting disappointed on over this issue…

Sir please give me your E-mail ID

I will attache all things in detail…

sincerely Thanking you,

Basavaraj From india.


#10

Dear Sir,

is there any problem in my side…?

Why are you not understanding my problem?

If you want Problem information in detailed Manner, I will give you

Atleast tell me Something Sir

I always wish you to be happy.

Kind Regards,

Basavaraj From India.


#11

Hi,

simply paste config file here. Also did you try to use command line to connect to your ftp? If not try it and paste output of your command line here.

thank you

Lubos


#12

Dear Sir,

I have created NEW* following users as mentioned below with fresh installation of Ubuntu

teach**** sudo user created during the ubuntu installation

ubuntu

richard

petersen

mcmillan*


michael

smith

tom

  • These users are local and normal users have been created by me. I want only 5 users to be added to ftp users those are teach, ubuntu, richard, petersen and mcmillan.

now my questions is…

  1. how to add these 5 users to FTP user list and those users to be restricted to their home directory.?

I am willingly requesting you to help me in this regard in the detailed manner or Step by Step

Sir, I will explain you Each and Everthing in detailed manner later to your Questions

This moment, request you to answer this above mentioned question.

With thanks and kind regards

Basavaraj From India.


#13

Example config file /etc/vsftpd.conf

The default compiled in settings are fairly paranoid. This sample file

loosens things up a bit, to make the ftp daemon more usable.

Please see vsftpd.conf.5 for all compiled in defaults.

READ THIS: This example file is NOT an exhaustive list of vsftpd options.

Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd’s

capabilities.

Run standalone? vsftpd can run either from an inetd or as a standalone

daemon started from an initscript.

listen=YES

Run standalone with IPv6?

Like the listen parameter, except vsftpd will listen on an IPv6 socket

instead of an IPv4 one. This parameter and the listen parameter are mutually

exclusive.

#listen_ipv6=YES

Allow anonymous FTP? (Disabled by default)

anonymous_enable=NO

Uncomment this to allow local users to log in.

local_enable=YES

Uncomment this to enable any form of FTP write command.

#write_enable=YES

Default umask for local users is 077. You may wish to change this to 022,

if your users expect that (022 is used by most other ftpd’s)

#local_umask=022

Uncomment this to allow the anonymous FTP user to upload files. This only

has an effect if the above global write enable is activated. Also, you will

obviously need to create a directory writable by the FTP user.

#anon_upload_enable=YES

Uncomment this if you want the anonymous FTP user to be able to create

new directories.

#anon_mkdir_write_enable=YES

Activate directory messages - messages given to remote users when they

go into a certain directory.

dirmessage_enable=YES

If enabled, vsftpd will display directory listings with the time

in your local time zone. The default is to display GMT. The

times returned by the MDTM FTP command are also affected by this

option.

use_localtime=YES

Activate logging of uploads/downloads.

xferlog_enable=YES

Make sure PORT transfer connections originate from port 20 (ftp-data).

connect_from_port_20=YES

If you want, you can arrange for uploaded anonymous files to be owned by

a different user. Note! Using “root” for uploaded files is not

recommended!

#chown_uploads=YES
#chown_username=whoever

You may override where the log file goes if you like. The default is shown

below.

#xferlog_file=/var/log/vsftpd.log

If you want, you can have your log file in standard ftpd xferlog format.

Note that the default log file location is /var/log/xferlog in this case.

#xferlog_std_format=YES

You may change the default value for timing out an idle session.

#idle_session_timeout=600

You may change the default value for timing out a data connection.

#data_connection_timeout=120

It is recommended that you define on your system a unique user which the

ftp server can use as a totally isolated and unprivileged user.

#nopriv_user=ftpsecure

Enable this and the server will recognise asynchronous ABOR requests. Not

recommended for security (the code is non-trivial). Not enabling it,

however, may confuse older FTP clients.

#async_abor_enable=YES

By default the server will pretend to allow ASCII mode but in fact ignore

the request. Turn on the below options to have the server actually do ASCII

mangling on files when in ASCII mode.

Beware that on some FTP servers, ASCII support allows a denial of service

attack (DoS) via the command “SIZE /big/file” in ASCII mode. vsftpd

predicted this attack and has always been safe, reporting the size of the

raw file.

ASCII mangling is a horrible feature of the protocol.

#ascii_upload_enable=YES
#ascii_download_enable=YES

You may fully customise the login banner string:

#ftpd_banner=Welcome to blah FTP service.

You may specify a file of disallowed anonymous e-mail addresses. Apparently

useful for combatting certain DoS attacks.

#deny_email_enable=YES

(default follows)

#banned_email_file=/etc/vsftpd.banned_emails

You may restrict local users to their home directories. See the FAQ for

the possible risks in this before using chroot_local_user or

chroot_list_enable below.

#chroot_local_user=YES

You may specify an explicit list of local users to chroot() to their home

directory. If chroot_local_user is YES, then this list becomes a list of

users to NOT chroot().

#chroot_local_user=YES
#chroot_list_enable=YES

(default follows)

#chroot_list_file=/etc/vsftpd.chroot_list

You may activate the “-R” option to the builtin ls. This is disabled by

default to avoid remote users being able to cause excessive I/O on large

sites. However, some broken FTP clients such as “ncftp” and “mirror” assume

the presence of the “-R” option, so there is a strong case for enabling it.

#ls_recurse_enable=YES

Debian customization

Some of vsftpd’s settings don’t fit the Debian filesystem layout by

default. These settings are more Debian-friendly.

This option should be the name of a directory which is empty. Also, the

directory should not be writable by the ftp user. This directory is used

as a secure chroot() jail at times vsftpd does not require filesystem

access.

secure_chroot_dir=/var/run/vsftpd/empty

This string is the name of the PAM service vsftpd will use.

pam_service_name=vsftpd

This option specifies the location of the RSA certificate to use for SSL

encrypted connections.

rsa_cert_file=/etc/ssl/private/vsftpd.pem

userlist_file=/etc/vsftpd.userlist

userlist_enable=NO

local_enable=YES

The Changes whatever I have made have been highlighted…Kindly Do the help


#14

Dear sir,

This is my created File in /etc/vsftpd.userlist

root@server40:/etc# gedit vsftpd.userlist

in that file

only one user I added ……

that is … ubuntu

is it correct sir?
Whether created file is in correct path /etc/vsftpd.userlist?

Please kindly do the help


#15

Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Administrator>ftp 10.10.3.180
Connected to 10.10.3.180.
220 (vsFTPd 2.3.2)
User (10.10.3.180:(none)): ubuntu
331 Please specify the password.
Password:
230 Login successful.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
Desktop
Documents
Downloads
Music
Pictures
Public
Templates
Videos
examples.desktop

226 Directory send OK.
ftp: 93 bytes received in 0.00Seconds 93000.00Kbytes/sec.
ftp>


#16

This is my humbly request to you to help me Sir.

Realy I am troubling and suffering of This Configuration file

Please kindly do help…Always


#17

Dear Sir (lrendek),

Are you busy with other works ?

are anything mistakes of mine?

Sorry for that.

Do help as early as possible

I heartily thank you Sir.


#18

Hi Basavaraj,

When yous server does not get connected to the INTERNET there may be multiple reasons for this.From my experience it could be:

[ul]
[li]no nameservers defined [/li][li]incorrect gateway [/li][li]IP conflict [/li][li]incorrect gateway [/li][li]and more [/li][/ul]

is there solution for…Once I put IP Address statically it never gets changed. is there?

The easiest solution to this would be to configure your router to release same IP address to your server when ever a request has been made.To do that run ifconfig command on your server and take a note of the MAC address assigned to you network interface. For example:

# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr [B]3c:97:0e:02:98:c8[/B]  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:20 Memory:f1600000-f1620000 

Then go to admin backend of your router and set host with MAC 3c:97:0e:02:98:c8 ( your MAC will be different ) to have a same address every time a request have been made ( DHCP Reservations ). Then set DHCP on your server.

it should not be raised conflicts in IP Address.?

When you set it up as explained above you will also avoid conflicts!!!

Hope this helps…

Lubos


#19

"When yous server does not get connected to the INTERNET there may be multiple reasons for this.From my experience it could be:

no nameservers defined
incorrect gateway
IP conflict
incorrect gateway "

Sir, There is no picture of assigning DHCP or any other things. Simply I wan to make FTP Server with your help

My ubuntu FTP Server Computer IP Address is 10.10.80.180, I put IP Address Statically.

Please Understand my thoughts and my views Clearly and easily .

Please take this Picture as an example- I have 5 local users are like this… tom, petersen, michael, user1 and user2. These users have been created in UBUNTU FTP Server.

These users have to be added into the FTP USER LIST—how to add these users into FTP? This is my Question.

I will put next question after your reply…

Please help me in this regard in easy way.

I am getting confused about this.


#20

[QUOTE=Basavaraj;2356]"When yous server does not get connected to the INTERNET there may be multiple reasons for this.From my experience it could be:

no nameservers defined
incorrect gateway
IP conflict
incorrect gateway "

Sir, There is no picture of assigning DHCP or any other things. Simply I wan to make FTP Server with your help

My ubuntu FTP Server Computer IP Address is 10.10.80.180, I put IP Address Statically.

Please Understand my thoughts and my views Clearly and easily .

Please take this Picture as an example- I have 5 local users are like this… tom, petersen, michael, user1 and user2. These users have been created in UBUNTU FTP Server.

These users have to be added into the FTP USER LIST—how to add these users into FTP? This is my Question.

I will put next question after your reply…

Please help me in this regard in easy way.

I am getting confused about this.[/QUOTE]

Dear Sir,

Whether you do help or not

Its my humble request to you

otherwise come skype, help me live on skype