Header Ads

Installing FTP Ubuntu Server

Installing FTP Ubuntu Server

What is the purpose of installing an FTP server?

The most logical answer that is usually given is the ability to send files to its server. The answer is only half exact. The sending of files can very well be done via an ssh connection with the root account. However, you will have 2 problems
  •  The rights on the files and files will be given to "root" which means that apache / php (identified under www-data 'will have no writing rights)
  •  You can not restrict access to a particular folder such as www
We will describe in this tutorial the installation of an FTP server with right apache / php
As a reminder, the change of ownership of a file file is done as follows
  chown www-data: www-data / var / www 
and recursively (folders + subfolders)
  chown -R www-data: www-data / var / www 

Installing vsftp (very secured ftp)

  apt-get install vsftpd 
Once vsftp installed you will need to create a user with specific rights. In order to secure the set we will use the Berkeley encrypatge library (and related tools). This one is not available in the official packages, the easiest way is to use the command wget and to install it via the command dpkg.
  wget http://en.archive.ubuntu.com/ubuntu/pool/universe/d/db6.0/libdb6.0_6.0.19-3ubuntu1_amd64.debdpkg -i libdb6.0_6.0.19-3ubuntu1_amd64.debapt-get -f install 
  wget http://en.archive.ubuntu.com/ubuntu/pool/universe/d/db6.0/db6.0-util_6.0.19-3ubuntu1_amd64.debdpkg -i db6.0-util_6.0.19-3ubuntu1_amd64.debapt- get -f install 
If the library is not up-to-date you can find the most recent in the Ubuntu universe packages:

Creating a user (ftp user)

We will create two folders
  •  /etc/vsftpd/users.conf/ where our user will be presented with rights and access to directories
  •  / etc / vsftpd / where we will create the user with his password encrypted
  mkdir / etc / vsftpdmkdir /etc/vsftpd/users.confvi / etc / vsftpd / users 
In this file you must fill in the username and password
  adminun_mot_de_passeadmin2un_mot_de_passe2 
Warning ! do not add extra line breaks
We encrypt the file
  db6.0_load -T -t hash -f / etc / vsftpd / users /etc/vsftpd/users.db 
Then we restrict the rights
  chmod 600 / etc / vsftpd / userschmod 600 /etc/vsftpd/users.db 
Finally we give access rights to the files by creating the admin file (admin2 or any other user ID chosen previously)
  vi /etc/vsftpd/users.conf/admin 
We fill this file as follows
  anon_world_readable_only = NOlocal_root = / var / www / write_enable YESanon_upload_enable = = = YESanon_mkdir_write_enable YESanon_other_write_enable = YES 
Or local_root will be the folder to which the admin user will have access
We edit the vsftpd file in the pam.d folder to give the path to the previously created users.db file (without the .db extension)
  vi /etc/pam.d/vsftpd 
Comment the whole file and add these two lines at the end
  auth required pam_userdb.so db = / etc / vsftpd / usersaccount required pam_userdb.so db = / etc / vsftpd / users 

Vsftpd configuration

Last step, just configure the vsftpd.conf file. The lines
  •  guest_username = www-data and nopriv_user = www-data
allow to assign www-data (the apache / php couple) as owner of the files sent via ftp
  vi /etc/vsftpd.conf 
You will have to activate the following elements in the vsftpd.conf file
  # No anonymous access, only local usersanonymous_enable = NOlocal_enable = YES # Enables virtual users # Vsftpd actually uses the user www-dataguest_enable = YESguest_username = www-datanopriv_user = www-datawrite_enable = YES # Restricts the user to its connection folderchroot_local_user = YES # Use PAM for authenticationpam_service_name = vsftpd # Configuration by useruser_config_dir = / etc / vsftpd / users.confallow_writeable_chroot = YES 

Make htaccess / htpasswd files visible

To be able to see and open the htaccess and htpasswd files visible with your ftp software, just add the following lines to the vsftpd conf file
  force_dot_files = YES 

No comments

Powered by Blogger.