Thư mục anonymous ftp linux
IntroductionFTP, short for File Transfer Protocol, is a network protocol that was once widely used for moving files between a client and server. It has since been replaced by faster, more secure, and more convenient ways of delivering files. Many casual Internet users expect to download directly from their web browser with Show FTP is often used to support legacy applications and workflows with very specific needs. If you have a choice of what protocol to use, consider exploring the more modern options. When you do need FTP, though, vsftpd is an excellent choice. Optimized for security, performance and stability, vsftpd offers strong protection against many security problems found in other FTP servers and is the default for many Linux distributions. In this tutorial, we’ll show you how to set up vsftpd for an anonymous FTP download site intended to widely distribute public files. Rather than using FTP to manage the files, local users with PrerequisitesTo follow along with this tutorial you will need:
Once you have the server in place, you’re ready to begin. Step 1 — Installing vsftpdWe’ll start by updating our package list and installing the
When the installation is complete, we’ll copy the configuration file so we can start with a blank configuration, saving the original as a backup.
With a backup of the configuration in place, we’re ready to configure the firewall. Step 2 — Opening the FirewallFirst, let’s check the firewall status to see if it’s enabled and if so, to see what’s currently permitted so that when it comes time to test the configuration, you won’t run into firewall rules blocking you.
In our case, we see the following:
You may have other rules in place or no firewall rules at all. In this example, only With many applications, you can use
Now our firewall rules looks like:
With Step 3 — Preparing Space for FilesFirst, we’ll create the directory where we plan to host the files, using the
Next, we’ll set the directory permissions to
Finally, we’ll make a file in the directory for testing later.
With this sample file in place, we’re ready to configure the vsftpd daemon. Step 4 — Configuring Anonymous AccessWe’re setting up for users with The configuration file contains some of the many configuration options for vsftpd. We’ll start by changing ones that are already set:
Find the following values and edit them so they match the values below: /etc/vsftpd.conf
In addition to changing existing settings, we’re going to add some additional configuration. Note: You can learn about the full range of options with the Add these settings to the configuration file. They are not dependent on the order, so you can place them anywhere in the file.
Note: If you are using UFW, these settings work as-is. If you’re using Iptables, you may need to add rules to open the ports you specify between Once those are added, save and close the file. Then, restart the daemon with the following command:
If the final line says look like the following, you’ve succeeded:
Now we’re ready to test our work. Step 5 — Testing Anonymous AccessFrom a web browser enter ftp:// followed by the IP address of your server. ftp://203.0.113.0 If everything is working as expected, you should see
the You should also be able to click into You can also test from the command-line, which will give much more feedback about your
configuration. We’ll ftp to the server in passive mode, which is the Note: The native Windows command-line FTP client,
When prompted for a username, you can enter either “ftp” or “anonymous”. They’re equivalent, so we’ll use the shorter “ftp”:
After pressing enter, you should receive the following:
Ensure that passive mode is working as expected:
As the anonymous user, you should be able to transfer the file to your local machine with the
This output tells you that you’ve succeeded at downloading the file, and you can take a peek to see that it’s on your local file system if you like. We also want to be sure anonymous users won’t be filling our file system, so to test, we will turn right around and try to put the same file back on the server, but with a new name.:
Now that we’ve confirmed this, we’ll exit the monitor in preparation for the next step:
Now that we’ve confirmed the anonymous connection is working as expected, we’ll turn our attention to what happens when user tries to connect. Step 6 — Trying to Connect as a UserYou might also want to be sure that you cannot connect as a user with a local account since this set up does not encrypt their login credentials. Instead of entering “ftp” or “anonymous” when you’re prompted to log in, try using your sudo user:
These tests confirm that you set up the system for anonymous downloading only. ConclusionIn this tutorial we covered how to configure vsftpd for anonymous downloads only. This allows us to support legacy applications unable to use more modern protocols or widely-published FTP urls that would be difficult to update. To learn more about maintaining the files, How To Use SFTP to Securely Transfer Files with a Remote Server can guide you. |