How to set up vsftpd on FreeBSD 12?
Set up vsftpd on FreeBSD 12
Before starting with this installation, it is convenient to have sudo enabled for your regular user. It is not mandatory, but this will avoid working directly with the root user.
So, read our post about it:
How to enable sudo on FreeBSD 12?
We will also have to install the nano text editor to make file editing easier:
:~$ sudo pkg install nano
With this, we’ll be able to work quietly.
1.- Install vsftpd on FreeBSD 12
First, you need to install vvsftpd on FreeBSD 12.
So, open the terminal and navigate to the folder where the port is.
:~$ cd /usr/ports/ftp/vsftp
Then, install it with the following command:
:~$ sudo make install clean
During the installation process, you will see a screen as in the image above. You can leave everything as it is.
At the end of the installation, you will see an image similar to this:
Now install another port to increase the security of vsftpd.
:~$ cd /usr/ports/security/pam_pwdfile :~$ sudo make install clean ===> Staging for pam_pwdfile-1.0 ===> Generating temporary packing list install -s -o root -g wheel -m 444 -S pam_pwdfile.so /usr/ports/security/pam_pwdfile/work/stage/usr/local/lib/ ====> Compressing man pages (compress-man) ===> Installing for pam_pwdfile-1.0 ===> Checking if pam_pwdfile is already installed ===> Registering installation for pam_pwdfile-1.0 Installing pam_pwdfile-1.0... ===> Cleaning for pam_pwdfile-1.0
As in the vsftpd installation, you will see an image where you can add a feature or not. Just keep it as it is.
To authenticate vsftpd users correctly, we have to add some lines to a pam.d configuration file
:~$ sudo nano /etc/pam.d/vsftpd auth required /usr/local/lib/pam_pwdfile.so pwdfile /usr/local/etc/vsftpd_login.db account required /usr/lib/pam_permit.so
Save the changes and close the file.
2.- Configuring vsftpd to work properly
Once vsftpd is installed, you have to make settings so you can start and work properly.
First of all, you have to create a new user on the system so you can use the server.
:~$ sudo adduser -v
And then, complete the information with the values you want.
Username: angeloftp Full name: angelo Uid (Leave empty for default): Login group [angeloftp]: Login group is angeloftp. Invite angeloftp into other groups? []: Login class [default]: Shell (sh csh tcsh nologin) [sh]: nologin Home directory [/home/angeloftp]: Home directory permissions (Leave empty for default): Use password-based authentication? [yes]: Use an empty password? (yes/no) [no]: Use a random password? (yes/no) [no]: Enter password: Enter password again: Lock out the account after creation? [no]: Username : angeloftp Password : ***** Full Name : angelo Uid : 1003 Class : Groups : angeloftp Home : /home/angeloftp Home Mode : Shell : /usr/sbin/nologin Locked : no OK? (yes/no): yes adduser: INFO: Successfully added (angeloftp) to the user database. Add another user? (yes/no): no Goodbye!
So, you can modify the user and password parameters. The rest you can keep the same.
Now, let’s modify the vsftpd configuration file. In this file are all the settings we can have. Before modifying it, let’s make a backup of it:
:~$ sudo mv /usr/local/etc/vsftpd.conf /usr/local/etc/vsftpd.conf.bak
And now, yes, you proceed to modify it:
:~$ sudo nano /usr/local/etc/vsftpd.conf
In my case, the configuration that works for me without problems is the following:
anonymous_enable=NO anon_upload_enable=NO anon_mkdir_write_enable=NO local_enable=YES write_enable=YES listen_port=21 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES secure_chroot_dir=/usr/local/share/vsftpd/empty max_clients=200 max_per_ip=100 chroot_local_user=YES text_userdb_names=YES force_dot_files=NO anon_root=/home/ftp async_abor_enable=YES use_localtime=YES listen=YES background=YES allow_writeable_chroot=YES
Of course, this is an example. You can always explore other options and for that we refer you to the vsftp official documentation.
Again, save the changes and close the file.
Now you have to add users to vsftpd, but first you have to create the file where the users and their passwords will be. To do this, we’ll use a tool called htpasswd. And use this command:
:~$ sudo htpasswd -c -b /usr/local/etc/vsftpd_login.db [username] [password]
Changes the permissions of the created file:
:~$ sudo chmod 0600 /usr/local/etc/vsftpd_login.db
In username and password replace it with the user we created earlier.
In case htpasswd is not available, you can get it by installing the apache web server.
:~$ sudo pkg install apache24 Updating FreeBSD repository catalogue... FreeBSD repository is up to date. All repositories are up to date. The following 8 package(s) will be affected (of 0 checked): New packages to be INSTALLED: apache24: 2.4.41 libnghttp2: 1.40.0 libxml2: 2.9.10 expat: 2.2.8 pcre: 8.43_2 apr: 1.7.0.1.6.1 gdbm: 1.18.1_1 db5: 5.3.28_7 Number of packages to be installed: 8 The process will require 92 MiB more space. 20 MiB to be downloaded. Proceed with this action? [y/N]:
If you want to add new users, you can do it with the following command:
:~$ sudo htpasswd -b /usr/local/etc/vsftpd_login.db USERNAME PASSWORD
Configure vsftpd to start with the system by editing the following file
:~$ sudo nano /etc/rc.conf
And in it he adds the following:
vsftpd_enable="YES"
Finally, the vsftpd service starts.
:~$ sudo /usr/local/etc/rc.d/vsftpd start
Now the creature is alive.
Access to the FTP server
Now that the service is working, we have to test it. Open your favorite web browser and go to ftp://server-ip.
First you will need to enter your username and password and then you will see the following:
You can also use a graphic client on your computer like Filezilla.
Add a new connection and type in your credentials:
After accepting the connection and entering the password, it will connect. And as you can see, everything has been successful:
So, everything’s in order.
Source : https://www.osradar.com/how-to-set-up-vsftpd-on-freebsd-12/
Posted on: March 7, 2022, by : Julian's | 42 views