Fedora - How to setup an anonymous FTP download server - Printable Version +- Sick Gaming (https://www.sickgaming.net) +-- Forum: Computers (https://www.sickgaming.net/forum-86.html) +--- Forum: Linux, FreeBSD, and Unix types (https://www.sickgaming.net/forum-88.html) +--- Thread: Fedora - How to setup an anonymous FTP download server (/thread-92133.html) |
Fedora - How to setup an anonymous FTP download server - xSicKxBot - 10-24-2019 How to setup an anonymous FTP download server <div><p>Sometimes you may not need to set up a full <a href="https://en.wikipedia.org/wiki/File_Transfer_Protocol">FTP</a> server with authenticated users with upload and download privileges. If you are simply looking for a quick way to allow users to grab a few files, an anonymous FTP server can fit the bill. This article shows you show to set it up.</p> <p> <span id="more-29469"></span> </p> <p>This example uses the <em>vsftp</em> server.</p> <h2>Installing and configuring the anonymous FTP server</h2> <p>Install the vsftp server <a href="https://fedoramagazine.org/howto-use-sudo/">using </a><em><a href="https://fedoramagazine.org/howto-use-sudo/">sudo</a></em>:</p> <pre class="wp-block-preformatted">$ sudo dnf install vsftpd</pre> <p>Enable the vsftp server.</p> <pre class="wp-block-preformatted">$ sudo systemctl enable vsftpd</pre> <p>Next, edit your <em>/etc/vsftpd/vsftpd.conf</em> file to allow anonymous downloads. Make sure you have the following entries.</p> <pre class="wp-block-preformatted">anonymous_enable=YES</pre> <p>This option controls whether anonymous logins are permitted or not. If enabled, both the usernames ftp and anonymous are recognized as anonymous logins.</p> <pre class="wp-block-preformatted">local_enable=NO</pre> <p>This option controls whether local logins are permitted.</p> <pre class="wp-block-preformatted">write_enable=NO</pre> <p>This option controls whether any FTP commands which change the filesystem are allowed.</p> <pre class="wp-block-preformatted">no_anon_password=YES</pre> <p>When enabled, this option prevents <em>vsftpd</em> from asking for an anonymous password. With this setting, the anonymous user will log straight in without one. </p> <pre class="wp-block-preformatted">hide_ids=YES</pre> <p>Enable this option to display all user and group information in directory listings as <em>ftp</em>.</p> <pre class="wp-block-preformatted">pasv_min_port=40000 pasv_max_port=40001</pre> <p>Finally, these options set the minimum and maximum port to allocate for PASV style data connections. Use them to specify a narrow port range to assist firewalling. You should choose a range for ports that aren’t currently in use. This example uses port 40000-40001 to limit the ports to a range of 1.</p> <h2>Final steps</h2> <p>Now that you’ve set the options, add the appropriate firewall rules to allow vsftp connections along with the passive port range you specified. </p> <pre class="wp-block-preformatted">$ firewall-cmd --add-service=ftp --perm $ firewall-cmd --add-port=40000-40001/tcp --perm $ firewall-cmd --reload</pre> <p>Next, configure SELinux to allow passive FTP:</p> <pre class="wp-block-preformatted">$ setsebool -P ftpd_use_passive_mode on</pre> <p>And finally, start the vsftp server:</p> <pre class="wp-block-preformatted">$ systemctl start vsftpd</pre> <p>At this point you have a working FTP server. Place the content you want to offer in <em>/var/ftp</em>. (Typically, system administrators put publicly downloadable content under <em>/var/ftp/pub</em>.) Now you can connect to your server using an FTP client on another system.</p> <hr class="wp-block-separator" /> <p><em>Image courtesy of <a href="https://www.flickr.com/photos/bionicteaching/">Tom Woodward</a> on <a href="https://www.flickr.com/photos/bionicteaching/5972893184/">Flickr</a>, CC-BY-SA 2.0.</em></p> </div> https://www.sickgaming.net/blog/2019/10/22/how-to-setup-an-anonymous-ftp-download-server/ |