VSFTP is an FTP server daemon that runs on Linux/UNIX operating systems. Its primary features are security, performance, and stability. VSFTP includes a number of additional attractive features, including: a small system footprint, the ability to handle virtual users, the choice of operating in a standalone configuration or via the inetd daemon, and bandwidth throttling for more site control. As of this writing, the current version is 1.13, although version 1.2 is a release candidate and may very well be available by the time this article is published. Version 1.13 is a 117-KB archived download. For this demonstration, I am using VSFTP 1.13 on a Red Hat 8.0 server with version 2.4.18-14 of the kernel. Installation
Installing VSFTP is much like installing any other application under Linux. To expand the downloaded archive, switch to the directory in which you saved it and type: gunzip -dc vsftpd-1.1.3.tar.gz | tar xvf - This will create a directory named vsftpd-1.1.3 and put all of the files into it. Switch to that directory by typing cd vsftpd-1.1.3 at the prompt. In this example, I am using a standard configuration, which begins by typing make at the command prompt. If you want to make changes to the configuration, you can edit the builddefs.h file in the distribution before compiling with the make command. If the compilation process is successful, a binary file named vasftpd will be placed into this directory. In my testing, the compilation went quickly and was free of errors. Adding users
VSFTP uses the Linux/UNIX "nobody" user as a part of the default configuration. On most Linux/UNIX operating systems, this user exists by default, but if it doesn't exist on your system(s), you'll need to add it. On my system, I get the following results when I try to add it (which indicates that the user already exists): [root@rh8lab VSFTP d-1.1.3]# /usr/sbin/useradd nobody useradd: user nobody exists
In addition, you need to create an FTP user if you want to support anonymous FTP. If you plan to always authenticate the incoming user, you don't have to do this. However, to preserve the security of VSFTP, the anonymous user's home directory must not be owned by the FTP user, and the user should not have any permissions for it. You can use the commands in Table A to accomplish this.
| mkdir /var/ftp/ | Creates a directory named /var/ftp. |
| /usr/sbin/useradd -d /var/ftp ftp | Creates a user named "ftp" with the home directory /var/ftp. On many systems, this user will already exist. |
| chown root.root /var/ftp | Changes ownership of the /var/ftp directory to the root user. |
| chmod og-w /var/ftp | Removes the write permission from others and groups. |
Creating the FTP user and setting appropriate permissions Next, make sure that the directory /usr/share/empty exists. If not, create it with the mkdir command. Finally, you need to install the executable file, help pages, and so forth, that were previously created during the build process. To do this, change to the directory in which you built vsftpd and type make install. This installs everything you need to begin using VSFTPD except a configuration file. You can copy a sample configuration file to the /etc directory by typing cp vsftpd.conf /etc.
Talkback
How can you have a cool article like this and not give a website URL for the program?