Next, ensure you turn on or have these flags within the configuration file. $ sudo cp /etc/nf /etc/$ sudo nano /etc/nf So just be aware, and I’ll explain where you need to take extra precautions when you’re there.Ĭonfigure the vsftpd configuration file located in /etc/vsftpd. This is the part that tripped me up, and mostly, it was because of the passive modes. $ sudo chown ftpuser:ftpuser /home/ftpuser/ftp/files 5. $ sudo mkdir /home/ftpuser/ftp/filesĪnd, assign ownership to him. Then, we will create a files sub folder where the user is allowed to upload files to. We do this by using the following command, the flag a-w can be read as ‘all/everyone remove write permissions’ $ sudo chmod a-w /home/ftpuser/ftp Next, set the permissions so that everyone will not be able to have write permissions. $ sudo chown nobody:nogroup /home/ftpuser/ftp Set the ownership of the ftp directory to nobody:nogroup If you are interested in other use cases such as uploading to a web directory, consider following the links shown at the bottom of the page. There are different ways to create the access rights, but I will assume we are using the use case where this user will only be able to upload to his own home directory. DenyUsers ftpuserįinally, save and restart the SSH service $ sudo service sshd restart 4. $ sudo nano /etc/ssh/sshd_configĪdd the following line to the /etc/ssh/sshd_config file. Next, we will limit the user to only be allowed to use FTP and not allow the user to access SSH, we’ll make changes to the /etc/ssh/sshd_config by using the following command. Next, we are going to to create a user with the required credentials and access rights, for this example, we will be creating a FTP user with the username ftpuser. To Action Fromįinally, for these ports that you are allowing, remember to add them to your AWS security groups if you’re using AWS as your cloud provider. This should show something similar to the below. Now that we have enabled, the ufw let’s just check to make sure everything is up and running. $ sudo ufw allow 12000:12100/tcp$ sudo ufw enable So, to do that we will use ufw and the commands are as follows $ sudo ufw allow OpenSSH
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |