Advertisement
Al0rse

/etc/vsftpd/vsftpd.conf

Jul 15th, 2016
280
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # Example config file /etc/vsftpd/vsftpd.conf
  2. #
  3. # The default compiled in settings are fairly paranoid. This sample file
  4. # loosens things up a bit, to make the ftp daemon more usable.
  5. # Please see vsftpd.conf.5 for all compiled in defaults.
  6. #
  7. # READ THIS: This example file is NOT an exhaustive list of vsftpd options.
  8. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
  9. # capabilities.
  10. #
  11. # Allow anonymous FTP? (Beware - allowed by default if you comment this out).
  12. anonymous_enable=NO
  13. #
  14. # Uncomment this to allow local users to log in.
  15. local_enable=YES
  16. #
  17. # Uncomment this to enable any form of FTP write command.
  18. write_enable=YES
  19. #
  20. # Default umask for local users is 077. You may wish to change this to 022,
  21. # if your users expect that (022 is used by most other ftpd's)
  22. local_umask=022
  23. #
  24. # Uncomment this to allow the anonymous FTP user to upload files. This only
  25. # has an effect if the above global write enable is activated. Also, you will
  26. # obviously need to create a directory writable by the FTP user.
  27. #anon_upload_enable=YES
  28. #
  29. # Uncomment this if you want the anonymous FTP user to be able to create
  30. # new directories.
  31. #anon_mkdir_write_enable=YES
  32. #
  33. # Activate directory messages - messages given to remote users when they
  34. # go into a certain directory.
  35. dirmessage_enable=YES
  36. #
  37. # The target log file can be vsftpd_log_file or xferlog_file.
  38. # This depends on setting xferlog_std_format parameter
  39. xferlog_enable=YES
  40. #
  41. # Make sure PORT transfer connections originate from port 20 (ftp-data).
  42. connect_from_port_20=YES
  43. #
  44. # If you want, you can arrange for uploaded anonymous files to be owned by
  45. # a different user. Note! Using "root" for uploaded files is not
  46. # recommended!
  47. #chown_uploads=YES
  48. #chown_username=whoever
  49. #
  50. # The name of log file when xferlog_enable=YES and xferlog_std_format=YES
  51. # WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log
  52. #xferlog_file=/var/log/xferlog
  53. #
  54. # Switches between logging into vsftpd_log_file and xferlog_file files.
  55. # NO writes to vsftpd_log_file, YES to xferlog_file
  56. xferlog_std_format=YES
  57. #
  58. # You may change the default value for timing out an idle session.
  59. #idle_session_timeout=600
  60. #
  61. # You may change the default value for timing out a data connection.
  62. #data_connection_timeout=120
  63. #
  64. # It is recommended that you define on your system a unique user which the
  65. # ftp server can use as a totally isolated and unprivileged user.
  66. #nopriv_user=ftpsecure
  67. #
  68. # Enable this and the server will recognise asynchronous ABOR requests. Not
  69. # recommended for security (the code is non-trivial). Not enabling it,
  70. # however, may confuse older FTP clients.
  71. #async_abor_enable=YES
  72. #
  73. # By default the server will pretend to allow ASCII mode but in fact ignore
  74. # the request. Turn on the below options to have the server actually do ASCII
  75. # mangling on files when in ASCII mode.
  76. # Beware that on some FTP servers, ASCII support allows a denial of service
  77. # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
  78. # predicted this attack and has always been safe, reporting the size of the
  79. # raw file.
  80. # ASCII mangling is a horrible feature of the protocol.
  81. #ascii_upload_enable=YES
  82. #ascii_download_enable=YES
  83. #
  84. # You may fully customise the login banner string:
  85. #ftpd_banner=Welcome to blah FTP service.
  86. #
  87. # You may specify a file of disallowed anonymous e-mail addresses. Apparently
  88. # useful for combatting certain DoS attacks.
  89. #deny_email_enable=YES
  90. # (default follows)
  91. #banned_email_file=/etc/vsftpd/banned_emails
  92. #
  93. # You may specify an explicit list of local users to chroot() to their home
  94. # directory. If chroot_local_user is YES, then this list becomes a list of
  95. # users to NOT chroot().
  96. chroot_local_user=YES
  97. #chroot_list_enable=YES
  98. # (default follows)
  99. #chroot_list_file=/etc/vsftpd/chroot_list
  100. #
  101. # You may activate the "-R" option to the builtin ls. This is disabled by
  102. # default to avoid remote users being able to cause excessive I/O on large
  103. # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
  104. # the presence of the "-R" option, so there is a strong case for enabling it.
  105. #ls_recurse_enable=YES
  106. #
  107. # When "listen" directive is enabled, vsftpd runs in standalone mode and
  108. # listens on IPv4 sockets. This directive cannot be used in conjunction
  109. # with the listen_ipv6 directive.
  110. listen=YES
  111. #
  112. # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
  113. # sockets, you must run two copies of vsftpd with two configuration files.
  114. # Make sure, that one of the listen options is commented !!
  115. #listen_ipv6=YES
  116.  
  117. pam_service_name=vsftpd
  118. userlist_enable=YES
  119. tcp_wrappers=YES
  120.  
  121. pasv_enable=YES
  122. pasv_min_port=1024
  123. pasv_max_port=1048
  124. pasv_address=52.29.92.235
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement