Configuration file: /etc/vsftpd/vsftpd.conf
Package: ftp (client)
Two types of login:
(a) Anonymous login: Anyone can login using the username “anonymous” or “ftp”, with password field blank. Here the user will be restricted to only ‘/var/ftp/pub’ folder. Only download is allowed here
(b) Non-anonymous login: Requires a valid username and password. Both upload and download is allowed based on user’s access permissions.
The entry “anonymous_enable=YES” in vsftpd.conf manages this feature.
# get: To download
# mget: get multiple downloads
# pwd: Remote system’s current directory
# !pwd: Our current dir
# bye: exit from FTP client
# close: Logout
# open: Log in to a server
# put: Upload file
To restrict local users to login to ftp we need to uncomment the entry local_enable=YES in vsftpd.conf. Now if you try to ftp via command line, you may see the message This FTP server is anonymous only.
To restrict local users to access only their home folder, uncomment the entry chroot_list_enable=YES and chroot_list_file=/etc/vsftpd/chroot_list in ‘vsftpd.conf’.
In the choot_list file remember to add the usernames of people who should have only access to their home folder.
To restrict few users to access ftp, add their usernames in /etc/vsftpd/ftpusers.
FTP access can be controlled using /etc/vsftpd/user_list too. First add usernames in this file. Now edit ‘vsftpd.conf’. If userlist_deny=NO is enabled, it only allow users in this file to access via ftp. If userlist_deny=YES is enabled, ftp never allow users in this file to login.