Working with Linux howtos

Moving Files Around: Setting up FTP

FTP (File Transfer Protocol) is a common way of moving files between computers.  By default your RimuHosting server will not have FTP enabled.

Do you really need to run FTP? For example, if you are going to be the only person moving files to and from your server, then you may not need it.  Try our scp/sftp howto instead.

To install vsftp on your system run: [root@vps ~]# apt-get install vsftpd

To enable FTP, first edit the vsftpd.conf file (e.g. vi /etc/vsftpd/vsftpd.conf).  Then:

Then create a non-super user that vsftp will run as. In Debian Squeeze a "ftp" user is created for this purpose when you install the vsftpd package.   Note: this is not the FTP username you'll use when logging into your FTP server.

[ -e /etc/vsftpd/vsftpd.conf ] && VSFTPD=/etc/vsftpd/vsftpd.conf
# create an unpriviledged user that will run the vsftpd service
if [ -e /etc/redhat-release ]; then
adduser -s /sbin/nologin ftpsecure
sed --in-place 's/^anonymous_enable=YES/anonymous_enable=NO/ig' $VSFTPD
sed --in-place 's/^anon_upload_enable=YES/anon_upload_enable=NO/ig' $VSFTPD

Then, most redhat distributions you can then run:

chkconfig --level 35 vsftpd on && /etc/init.d/vsftpd start

The ftp daemon will not let you log in as root (?why?).  Try a log in as a non-super user.  To create such a user:

# add the user, use the -s (shell) option if you do not want the 
# user to be able to ssh into the server (else skip it)
adduser -s /sbin/nologin yourusername
passwd yourusername
# you will be prompted for a password
# now, log in to your ftp server using this username and password

Locking FTP Users Into Their Home Directories

By default FTP users can read and write files any files on the server, provided they have access to read/write those files.

You can also set things up so that FTP users only see files under their home directory.  This can often be a more secure setup.  To do this just add chroot_local_user=YES in vsftpd.conf (and restart vsftpd). e.g.

[ -e /etc/vsftpd/vsftpd.conf ] && VSFTPD=/etc/vsftpd/vsftpd.conf
sed --in-place 's/^anonymous_enable=YES/anonymous_enable=NO/ig' $VSFTPD
sed --in-place 's/^anon_upload_enable=YES/anon_upload_enable=NO/ig' $VSFTPD
if ! test -e $VSFTPD; then 
    echo $VSFTPD not found
elif grep -qai chroot_local_user=YES $VSFTPD; then 
    echo "chroot_local_user directive already existed"
    echo "Adding the chroot_local_user directive"
    echo "chroot_local_user=YES" >> $VSFTPD
/etc/init.d/vsftpd restart

When a user logs in, if there directory was /home/user/html, they would see /html. They're locked into /home/user, and /home/user becomes their root (/) directory.