Hello everybody. I used to use vsftpd for centos, fedora or enterprise
redhat linux. But this is first time I’m intalling it in opensuse. I am
used to with /var/ftp/pub ( anonymous directory) for anonymous user. But
I couldn’t find any in opensuse. So what is the anonymous directory by
default in opensuse? Or I have to create account and do
“chown_uploads=YES and chown_username=xxx”. It’s weird. Is there anyway
that somebody can access anonymously and read and write files. And I am
also curious if there is any special security features in opensuse for
vsftpd.
You can find out what files and directories are contained in the vsftpd
package by:
rpm -ql vsftpd
Then look for a likely directory. My guess would be /srv/ftp.
I think you can apply an apparmor profile to vsftpd (sorry, don’t ask
me how it’s done), and you can also configure ftp over SSL, if you don’t
want accounts and passwords to go in plaintext over the Internet. I
don’t have a tute, but you should be able to find one by searching for
vsftpd ssl.
Another thing you can do is dissociate ftp accounts from login accounts
by using a different authentication base, like Berkeley DB or MySQL to
store the names and passwords.