vsftpd list.

Issues related to configuring your network
Post Reply
hack3rcon
Posts: 663
Joined: 2014/11/24 11:04:37

vsftpd list.

Post by hack3rcon » 2020/09/05 08:18:25

Hello,
Is this vsftpd setting secure?

Code: Select all

# cat vsftpd.conf

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
log_ftp_protocol=YES
connect_from_port_20=YES
chroot_local_user=YES
listen=NO
listen_ipv6=Yes

pam_service_name=vsftpd


# Home User
userlist_enable=YES
virtual_use_local_privs=YES
userlist_deny=NO

##
ssl_enable=YES
ssl_tlsv1_2=YES
ssl_sslv2=NO
ssl_sslv3=NO

pasv_min_port=40000
pasv_max_port=50000

rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem

allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES

require_ssl_reuse=NO
ssl_ciphers=HIGH

debug_ssl=YES
And:

Code: Select all

# cat ftpusers
# Users that are not allowed to login via ftp
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
Any opinion welcomed.

Thank you.

hack3rcon
Posts: 663
Joined: 2014/11/24 11:04:37

Re: vsftpd list.

Post by hack3rcon » 2020/09/05 08:28:24

I think "ftpusers" list not working verywell because when I add my current account to this list then I can connect to FTP :(

Post Reply

Return to “CentOS 8 - Networking Support”