Ou trovuer de la documentation sur vsftp ?

Ou trovuer de la documentation sur vsftp ? - réseaux et sécurité - Linux et OS Alternatifs

Marsh Posté le 23-10-2003 à 13:34:47    

Voila j'utilise vsftp comme serveur FTP malheureusement j'ai de grandes difficultés à trouver une vrai documentation.
Le man ne dit rien.
 
:/


Message édité par clockover le 23-10-2003 à 13:37:03
Reply

Marsh Posté le 23-10-2003 à 13:34:47   

Reply

Marsh Posté le 23-10-2003 à 13:55:00    

man vsftp.conf ;) il est tres complet je trouve :)

Reply

Marsh Posté le 23-10-2003 à 14:17:30    

arf je l'ai pas celui la :/ tu peux pas fer un petit copier coller ? ;)
Merci d avance


Message édité par clockover le 23-10-2003 à 14:18:13
Reply

Marsh Posté le 23-10-2003 à 14:34:02    

ct man vsftpd.conf pardon ;)

Reply

Marsh Posté le 23-10-2003 à 14:40:17    

pareil j ai essayer ca merde ;)

Reply

Marsh Posté le 23-10-2003 à 14:40:31    

VSFTPD.CONF(5)                                     VSFTPD.CONF(5)
 
NAME
       vsftpd.conf, the config file for vsftpd
 
DESCRIPTION
       vsftpd.conf  may  be  used  to  control various aspects of
       vsftpd's behaviour. By default, vsftpd looks for this file
       at  the location /etc/vsftpd.conf.  However, you may over­
       ride this by specifying a command line argument to vsftpd.
       The  command line argument is the pathname of the configu­
       ration file for vsftpd. This behaviour is  useful  because
       you  may  wish  to use an advanced inetd such as xinetd to
       launch vsftpd with different configuration files on a  per
       virtual host basis.
 
FORMAT
       The  format  of  vsftpd.conf  is very simple. Each line is
       either a comment or a directive. Comment lines start  with
       a # and are ignored. A directive line has the format:
 
       option=value
 
       It  is  important  to  note that it is an error to put any
       space between the option, = and value.
 
       Each setting has a compiled in default which may be  modi­
       fied in the configuration file.
 
BOOLEAN OPTIONS
       Below  is  a  list  of  boolean  options.  The value for a
       boolean option may be set to YES or NO.
 
       anon_mkdir_write_enable
              If set to YES, anonymous users will be permitted to
              create  new  directories  under certain conditions.
              For this to work, the option write_enable  must  be
              activated,  and  the  anonymous  ftp user must have
              write permission on the parent directory.
 
              Default: NO
 
       anon_other_write_enable
              If set to YES, anonymous users will be permitted to
              perform write operations other than upload and cre­
              ate directory, such as deletion and renaming.  This
              is  generally not recommended but included for com­
              pleteness.
 
              Default: NO
 
       anon_upload_enable
              If set to YES, anonymous users will be permitted to
              upload  files under certain conditions. For this to
              work, the option write_enable  must  be  activated,
              and  the anonymous ftp user must have write permis­
              sion on desired upload locations.
 
              Default: NO
 
       anon_world_readable_only
              When enabled, anonymous users will only be  allowed
              to download files which are world readable. This is
              recognising that the ftp user may own files,  espe­
              cially in the presence of uploads.
 
              Default: YES
 
       anonymous_enable
              Controls  whether anonymous logins are permitted or
              not. If enabled, both the usernames ftp and  anony­
              mous are recognised as anonymous logins.
 
              Default: YES
 
       ascii_download_enable
              When  enabled,  ASCII  mode  data transfers will be
              honoured on downloads.
 
              Default: NO
 
       ascii_upload_enable
              When enabled, ASCII mode  data  transfers  will  be
              honoured on uploads.
 
              Default: NO
 
       async_abor_enable
              When enabled, a special FTP command known as "async
              ABOR"  will  be  enabled.   Only  ill  advised  FTP
              clients  will  use  this feature. Addtionally, this
              feature is awkward to handle, so it is disabled  by
              default.  Unfortunately, some FTP clients will hang
              when cancelling a transfer unless this  feature  is
              available, so you may wish to enable it.
 
              Default: NO
 
       chown_uploads
              If  enabled,  all  anonymously  uploaded files will
              have the ownership changed to the user specified in
              the setting chown_username.  This is useful from an
              administrative, and perhaps security, standpoint.
 
              Default: NO
 
       chroot_list_enable
              If activated, you may provide a list of local users
              who  are  placed  in  a chroot() jail in their home
              directory upon login. The meaning is slightly  dif­
              ferent  if chroot_local_user is set to YES. In this
              case, the list becomes a list of  users  which  are
              NOT  to  be placed in a chroot() jail.  By default,
              the    file     containing     this     list     is
              /etc/vsftpd.chroot_list,  but you may override this
              with the chroot_list_file setting.
 
              Default: NO
 
       chroot_local_user
              If set to YES, local users  will  be  placed  in  a
              chroot()  jail in their home directory after login.
              Warning: This  option  has  security  implications,
              especially  if  the  users  also have shell access.
              Only enable if you know what you are doing.
 
              Default: NO
 
       connect_from_port_20
              This controls whether PORT style  data  connections
              use  port  20 (ftp-data) on the server machine. For
              security reasons, some clients may insist that this
              is  the  case.  Conversely,  disabling  this option
              enables vsftpd to run with slightly less privilege.
 
              Default: NO (but the sample config file enables it)
 
       deny_email_enable
              If activated, you may provide a list  of  anonymous
              password  e-mail  responses which cause login to be
              denied. By default, the file containing  this  list
              is  /etc/vsftpd.banned_emails, but you may override
              this with the banned_email_file setting.
 
              Default: NO
 
       dirmessage_enable
              If enabled, users of the FTP server  can  be  shown
              messages  when they first enter a new directory. By
              default, a directory is scanned for the file  .mes­
              sage,  but that may be overridden with the configu­
              ration setting message_file.
 
              Default: NO (but the sample config file enables it)
 
       guest_enable
              If enabled, all non-anonymous logins are classed as
              "guest" logins. A guest login is  remapped  to  the
              user specified in the guest_username setting.
 
              Default: NO
 
       local_enable
              Controls whether local logins are permitted or not.
              If enabled, normal user accounts in /etc/passwd may
              be used to log in.
 
              Default: NO
 
       log_ftp_protocol
              When  enabled,  all  FTP requests and responses are
              logged, providing the option xferlog_std_format  is
              not enabled. Useful for debugging.
 
              Default: NO
       ls_recurse_enable
              When  enabled,  this  setting will allow the use of
              "ls -R". This is a minor security risk,  because  a
              ls  -R at the top level of a large site may consume
              a lot of resources.
 
              Default: NO
 
       one_process_model
              If you have a Linux 2.4 kernel, it is  possible  to
              use  a different security model which only uses one
              process per connection. It is a less pure  security
              model,  but gains you performance. You really don't
              want to enable this unless you know  what  you  are
              doing,  and  your  site  supports  huge  numbers of
              simultaneously connected users.
 
              Default: NO
 
       pasv_enable
              Set to NO if you want to disallow the  PASV  method
              of obtaining a data connection.
 
              Default: YES
 
       pasv_promiscuous
              Set to YES if you want to disable the PASV security
              check that ensures the data  connection  originates
              from the same IP address as the control connection.
              Only enable if you know what  you  are  doing!  The
              only  legitimate  use  for  this is in some form of
              secure tunnelling scheme.
 
              Default: NO
 
       port_enable
              Set to NO if you want to disallow the  PORT  method
              of obtaining a data connection.
 
              Default: YES
 
       setproctitle_enable
              If enabled, vsftpd will try and show session status
              information in the system process listing. In other
              words, the reported name of the process will change
              to reflect what a vsftpd session  is  doing  (idle,
              downloading  etc).  You probably want to leave this
              off for security purposes.
 
              Default: NO
 
       text_userdb_names
              By default, numeric IDs are shown in the  user  and
              group  fields  of  directory  listings. You can get
              textual names by enabling this parameter. It is off
              by default for performance reasons.
 
              Default: NO
 
 userlist_deny
              This option is examined if userlist_enable is acti­
              vated. If you set this setting to  NO,  then  users
              will  be  denied  login  unless they are explicitly
              listed in  the  file  specified  by  userlist_file.
              When  login  is denied, the denial is issued before
              the user is asked for a password.
 
              Default: YES
 
       userlist_enable
              If enabled, vsftpd will load a list  of  usernames,
              from  the  filename  given  by userlist_file.  If a
              user tries to log in using a  name  in  this  file,
              they  will  be  denied  before they are asked for a
              password. This may be useful in preventing  cleart­
              ext   passwords   being   transmitted.   See   also
              userlist_deny.
 
              Default: NO
 
       write_enable
              This controls whether any FTP commands which change
              the  filesystem  are allowed or not. These commands
              are: STOR, DELE, RNFR, RNTO,  MKD,  RMD,  APPE  and
              SITE.
 
              Default: NO
 
       xferlog_enable
              If   enabled,   a   log  file  will  be  maintained
              detailling uploads and downloads.  By default, this
              file  will  be  placed  at /var/log/vsftpd.log, but
              this location may be overridden using the  configu­
              ration setting xferlog_file.
 
              Default: NO (but the sample config file enables it)
 
       xferlog_std_format
              If enabled, the transfer log file will  be  written
              in  standard  xferlog  format,  as used by wu-ftpd.
              This is  useful  because  you  can  reuse  existing
              transfer  statistics generators. The default format
              is more readable, however.
 
              Default: NO
 
NUMERIC OPTIONS
       Below is a list of numeric options. A numeric option  must
       be  set  to a non negative integer. Octal numbers are sup­
       ported, for convenience of the umask options.  To  specify
       an octal number, use 0 as the first digit of the number.
 
       accept_timeout
              The  timeout,  in  seconds,  for a remote client to
              establish connection with a PASV style data connec­
              tion.
 
              Default: 60
 
       anon_max_rate
              The  maximum data transfer rate permitted, in bytes
              per second, for anonymous clients.
 
              Default: 0 (unlimited)
 
       anon_umask
              The value that the umask for file creation  is  set
              to  for anonymous users. NOTE! If you want to spec­
              ify octal values, remember the "0" prefix otherwise
              the value will be treated as a base 10 integer!
 
              Default: 077
 
       connect_timeout
              The  timeout,  in  seconds,  for a remote client to
              respond to our PORT style data connection.
 
              Default: 60
 
       data_connection_timeout
              The timeout, in seconds, which is roughly the maxi­
              mum time we permit data transfers to stall for with
              no progress. If the timeout  triggers,  the  remote
              client is kicked off.
 
              Default: 300
 
       ftp_data_port
              The  port  from which PORT style connections origi­
              nate  (as   long   as   the   poorly   named   con­
              nect_from_port_20 is enabled).
 
              Default: 20
 
       idle_session_timeout
              The  timeout, in seconds, which is the maximum time
              a remote client may spend between FTP commands.  If
              the  timeout  triggers, the remote client is kicked
              off.
 
              Default: 300
 
       local_max_rate
              The maximum data transfer rate permitted, in  bytes
              per second, for local authenticated users.
 
              Default: 0 (unlimited)
 
       local_umask
              The  value  that the umask for file creation is set
              to for local users. NOTE! If you  want  to  specify
              octal values, remember the "0" prefix otherwise the
              value will be treated as a base 10 integer!
 
              Default: 077
 
 
    pasv_max_port
              The maximum port to allocate for  PASV  style  data
              connections.  Can  be used to specify a narrow port
              range to assist firewalling.
 
              Default: 0 (use any port)
 
       pasv_min_port
              The minimum port to allocate for  PASV  style  data
              connections.  Can  be used to specify a narrow port
              range to assist firewalling.
 
              Default: 0 (use any port)
 
STRING OPTIONS
       Below is a list of string options.
 
       anon_root
              This option represents  a  directory  which  vsftpd
              will  try  to change into after an anonymous login.
              Failure is silently ignored.
 
              Default: (none)
 
       banned_email_file
              This option is the name of a file containing a list
              of anonymous e-mail passwords which are not permit­
              ted.  This  file  is  consulted   if   the   option
              deny_email_enable is enabled.
 
              Default: /etc/vsftpd.banned_emails
 
       chown_username
              This is the name of the user who is given ownership
              of anonymously uploaded files. This option is  only
              relevant  if another option, chown_uploads, is set.
 
              Default: root
 
       chroot_list_file
              The option is the name of a file containing a  list
              of  local  users which will be placed in a chroot()
              jail in their home directory. This option  is  only
              relevant   if   the  option  chroot_list_enable  is
              enabled, and the option chroot_local_user  is  dis­
              abled.
 
              Default: /etc/vsftpd.chroot_list
 
       guest_username
              See the boolean setting guest_enable for a descrip­
              tion of what constitutes a guest login.  This  set­
              ting  is  the  real  username which guest users are
              mapped to.
 
              Default: ftp
 
ftp_username
              This is the name of the user we  use  for  handling
              anonymous  FTP.  The home directory of this user is
              the root of the anonymous FTP area.
 
              Default: ftp
 
       ftpd_banner
              This string  option  allows  you  to  override  the
              greeting  banner displayed by vsftpd when a connec­
              tion first comes in.
 
              Default: (none -  default  vsftpd  banner  is  dis­
              played)
 
       local_root
              This  option  represents  a  directory which vsftpd
              will try to change into after a  local  (i.e.  non-
              anonymous) login. Failure is silently ignored.
 
              Default: (none)
 
       message_file
              This  option  is  the  name of the file we look for
              when a new directory is entered. The  contents  are
              displayed  to  the remote user. This option is only
              relevant  if  the   option   dirmessage_enable   is
              enabled.
 
              Default: .message
 
       nopriv_user
              This is the name of the user that is used by vsftpd
              when it want to be totally unprivileged. Note  that
              this  should  be  a  dedicated  user,  rather  than
              nobody. The user nobody tends to be used for rather
              a lot of important things on most machines.
 
              Default: nobody
 
       pam_service_name
              This  string  is the name of the PAM service vsftpd
              will use.
 
              Default: ftp
 
       secure_chroot_dir
              This option should be the name of a directory which
              is   empty.  Also,  the  directory  should  not  be
              writable by the ftp user. This directory is used as
              a  secure  chroot()  jail  at times vsftpd does not
              require filesystem access.
 
              Default: /var/run/vsftpd
 
       userlist_file
              This option is the name of the file loaded when the
              userlist_enable option is active.
 
  Default: /etc/vsftpd.user_list
 
       xferlog_file
              This  option  is  the  name of the file to which we
              write the transfer log. The transfer  log  is  only
              written if the option xferlog_enable is set.
 
              Default: /var/log/vsftpd.log
 
AUTHOR
       chris@scary.beasts.org
 
                                                   VSFTPD.CONF(5)
 
 

Reply

Marsh Posté le 23-10-2003 à 14:41:19    

Hehe j'ai rien dit  :D  :whistle:  (tromper de serveur...)
Ahhh lala SSH on se melange avec les IP :D

Reply

Marsh Posté le 23-10-2003 à 14:41:47    

LOL :D
le principal c que as la doc now ;)

Reply

Marsh Posté le 23-10-2003 à 14:44:57    

Ouais :D

Reply

Sujets relatifs:

Leave a Replay

Make sure you enter the(*)required information where indicate.HTML code is not allowed