Difference between revisions of "Redhat:FTP basic config"
Jump to navigation
Jump to search
(Created page with "== Configuration Directives == A complete list of available directives can be found in the man page for vsftpd.conf. They are split into three categories: boolean, numeric a...") |
|||
| Line 38: | Line 38: | ||
idle_session_timeout=600 #logs users out after a period of inactivity | idle_session_timeout=600 #logs users out after a period of inactivity | ||
| + | data_connection_timeout=120 #stops data transfers after period of inactivity | ||
| + | |||
| + | nopriv_user=ftpsecure #default nonprivlidged user, defaults to 'nobody' | ||
| + | |||
| + | async_abor_enable=YES #Allows some servers to about requests | ||
| + | |||
| + | ls_recurse_enable=YES #Some Clients needs to be able to deal with recursive file lists | ||
| + | |||
| + | ascii_upload_enable=YES #Disbaled by default | ||
| + | ascii_download_enable=YES #Disbaled by default | ||
| + | |||
| + | deny_email_enable=YES #Older servers had secuity based on emails. They were denyied if the email was in the banned file | ||
| + | banned_email_file=/etc/vsftpd/banned_emails | ||
| + | |||
| + | listen=YES #Use IPv4 Network, both of these directives cannot be enabled | ||
| + | #listen_ipv6=YES | ||
| + | |||
| + | pam_service_name=vsftpd #used for Redhat PAM user lists | ||
| + | |||
| + | userlist_enable=YES #refers to the user_list file to prevent access by privileged users | ||
| + | |||
| + | tcp_wrappers=YES #Allow the use of TCP wrappers | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Latest revision as of 09:07, 12 September 2013
Configuration Directives
A complete list of available directives can be found in the man page for vsftpd.conf. They are split into three categories: boolean, numeric and string.
Main vsFTP config file
The main configuration file is /etc/vsftpd.conf.
anonymous_enable=YES #enabled by default, set to no to prevent anonymous access
local_access=YES #disabled by default, must be disabled to allow anonymous downloads.
chroot_local_user=YES #prevent access to the / directory by limiting users to home directories
write_enable=YES # allow users to write files
local_umask=022 #permissions for new files
anon_upload_enable=YES # allow anonymous uploads, requires a directory with correct permissions and context
anon_mkdir_write=YES # allow anonymous users to create directories
chown_uploads=YES #Set the user on new files
chown_username=whoever #User who owns files - SHOULD NOT BE ROOT
ftpd_banner=Welcome to blah #message displayed on logging in
dirmessage_enable=YES # looks for a .messgae file and sends it to the client
xferlog_enable=YES #logging of both uploads and downloads
xferlog_file #chnage to logs from /var/log/vsftpd.log
xferlog_std_format=YES #logs will contin the date, time, IP, user and more
connect_from_port_20=YES #Some FTPs require communication using port 20
idle_session_timeout=600 #logs users out after a period of inactivity
data_connection_timeout=120 #stops data transfers after period of inactivity
nopriv_user=ftpsecure #default nonprivlidged user, defaults to 'nobody'
async_abor_enable=YES #Allows some servers to about requests
ls_recurse_enable=YES #Some Clients needs to be able to deal with recursive file lists
ascii_upload_enable=YES #Disbaled by default
ascii_download_enable=YES #Disbaled by default
deny_email_enable=YES #Older servers had secuity based on emails. They were denyied if the email was in the banned file
banned_email_file=/etc/vsftpd/banned_emails
listen=YES #Use IPv4 Network, both of these directives cannot be enabled
#listen_ipv6=YES
pam_service_name=vsftpd #used for Redhat PAM user lists
userlist_enable=YES #refers to the user_list file to prevent access by privileged users
tcp_wrappers=YES #Allow the use of TCP wrappers