Friday, April 25, 2014

How to install/setup vsftpd and run it as inetd service.


How to install/setup vsftpd and run it as inetd service.

1. Install vsftpd
# yum install vsftpd
2. Modify /etc/vsftpd/vsftpd.conf file as follows.
#  vi /etc/vsftpd/vsftpd.conf | grep -v \#
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
connect_from_port_20=YES
xferlog_std_format=NO
ascii_upload_enable=YES
ascii_download_enable=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
log_ftp_protocol=YES
Note: “listen=YES” is commented out as follow,
#listen=YES
3. Check the status of vsftpd process.
# chkconfig --list | grep vsftpd
4. It might be off, if not turn it off so that it can be run as inetd based services.
Disable standalone vsftpd service.
# chkconfig vsftpd off
5. Create a file vsftpd under /etc/xinetd.d with the following content.
# vi vsftpd
service ftp
{
        socket_type             = stream
        protocol                = tcp
        wait                    = no
        user                    = root
        server                  = /usr/sbin/vsftpd
#       server_args             =
#       log_on_success          += DURATION USERID
#       log_on_failure          += USERID
#       nice                    = 10
        disable                 = no
}
wq!
# ls -l vsftpd
-rw-r--r-- 1 root root 423 Apr 02 09:45 vsftpd

# cd /etc/xinetd.d/
# ls -l vsftpd
-rw-r--r-- 1 root root 427 Aug  6 15:32 vsftpd

6. Restart the inetd services
# /etc/init.d/xinetd restart [or stop/start]

7. Reverify that vsftpd is not automatically restarting up on reboot.
# chkconfig --list | grep vsftpd
vsftpd 0:off   1:off   2:off   3:off   4:off   5:off   6:off
        vsftpd:         on
8. Verify the content of the file /etc/pam.d/vsftpd
# cat /etc/pam.d/vsftpd

Step-6:  Make sure /etc/pam.d/vsftpd file exists with following contents
#%PAM-1.0
session    optional     pam_keyinit.so    force revoke
auth       required     pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
auth       required     pam_shells.so
auth       include      system-auth
account    include      system-auth
session    include      system-auth
session    required     pam_loginuid.so
9. Test your ftp connection from your PC to the server with your id.
Note: You can use pftp or wsftp or winscp to test the connection.

No comments:

Post a Comment