VSFTPD allows anonymous login regardless
Knute Johnson
knute at frazmtn.com
Sat Sep 29 16:46:22 UTC 2007
>>> Hi all
>>>
>>> I have VSFTPD setup to allow only local user authentication, but it
>>> still allows anonymous connections and displays the contents of /
>>> home/
>>> ftp, what am I doing wrong?
>>>
>>> I've included pertinent information from my vsftpd.conf file. Many
>>> thanks.
>>>
>>>
>>> listen=YES
>>> anonymous_enable=NO
>>> local_enable=YES
>>> write_enable=YES
>>> local_umask=022
>>> xferlog_enable=YES
>>> connect_from_port_20=YES
>>> nopriv_user=ftpsecure
>>> rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
>>
>> Did you get a answer to this yet?
>>
>> I hate to suggest this (because I got caught the other day with the
>> ports closed when I thought they were open) but did you restart it
>> after you changed vsftpd.conf?
>
>Hi Knute
>
>No answer apart from yours. Thanks for the tip but I restarted VSFTPD
>after eveery config change, and then restarted it more when it didn't
>work as I expected :(
Unless you specify chroot_local_user a local user can see the whole
file system.
Do you have tcp_wrappers set to yes? You can use that to limit where
connections come from.
Is it possible that the ftp client you are using is really sending a
local user name?
There are a lot of subtle things that interact with vsftpd and it
doesn't report anything, ever, as far as I can tell.
Until you figure out the problem, tcp_wrappers is a simple solution
to keep out the unwanted.
--
Knute Johnson
Molon Labe...
More information about the ubuntu-users
mailing list