vsftpd 2.3.5-3 / usr / share / doc / vsftpd / README.Debian

This file is indexed.

/usr/share/doc/vsftpd/README.Debian is in vsftpd 2.3.5-3.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
Notes on the vsftpd package
===========================

If you want to allow local users to log in via FTP (not a good option
on any public network, since FTP relies upon cleartext passwords), you
should uncomment the "local_enable" line in /etc/vsftpd.conf.



The PAM configuration file for vsftpd, unlike for some other FTP daemons,
should not include pam_ftp.so.  pam_ftp is only for anonymous logins, and
vsftpd has its own handling of anonymous users.



Anonymous FTP by default uses the home diretory and privileges of the "ftp"
user for its root directory.  Installing the vsftpd package for the first
time will create this user.  If you want to use a different user account,
change the value of "ftp_username" in /etc/vsftpd.conf.  You can also change
the root directory by setting anon_root.



If you use virtual users (via PAM and the guest_enable configuration option
in vsftpd.conf), you may want to investigate the virtual_use_local_privs
option.  By default (without this option), guest users (and thus all virtual
users) are treated as anonymous users by the configuration. For instance, to
allow guest users to upload requires setting anon_upload_enable.  However,
with virtual_use_local_privs then write_enable is enough to allow your
virtual users to upload.  This option is new in vsftpd 1.2.0.

If you are using password-protected virtual users you should probably use
virtual_use_local_privs, disable anonymous access, or at least be very
careful of your filesystem layout.  Note that guest users and anonymous
users can run as a different user (see guest_username and ftp_username), but
both will be able to access a world-writeable directory, etc.



This package includes SSL support.  For information about enabling SSL, see
README.ssl.  Be sure to read this file before enabling SSL!

To use SSL you will need a certificate.  You may wish to get a certificate
from a certificate agency; if you only need a self-signed certificate, you
can use the "make-ssl-cert" script from the "ssl-cert" package to
create one, or you can create one manually using the "openssl" command.
The default location for the certificate is /etc/ssl/private/vsftpd.pem;
set "rsa_cert_file" in /etc/vsftpd.conf to look elsewhere.

At a minimum you will need the "ssl_enable" option.  See the vsftpd.conf
manual page for more SSL-related settings.


On Linux systems, if capability support was disabled in the kernel or
built as a module and not loaded, vsftpd will fail to run.  You'll see
this error message:
  500 OOPS: cap_set_proc
Build and load the appropriate kernel module to continue.


The included init script uses start-stop-daemon's --background option to run
vsftpd in the background.  If you have "background=yes" in your configuration,
the wrong PID will be recorded in /var/run/vsftpd/vsftpd.pid, and the init
script may fail to restart or stop vsftpd later.  Just remove "background=yes"
from vsftpd.conf.


For more information on configuring vsftpd, see the vsftpd.conf(5) manual
page, and the included FAQ.

APT Browse - Built by Thomas Orozco.