The File Transfer Protocol (FTP) provides users with a simple way to transfer files to and from an FTP server. FreeBSD includes FTP server software, ftpd, in the base system. This makes setting up and administering an FTP server on FreeBSD very straightforward.
The most important configuration step is deciding which
accounts will be allowed access to the FTP server. A normal
FreeBSD system has a number of system accounts used for
various daemons, but unknown users should not be allowed to
log in with these accounts. The
/etc/ftpusers
file is a list of users
disallowed any FTP access. By default, it includes the
aforementioned system accounts, but it is possible to add
specific users here that should not be allowed access to
FTP.
You may want to restrict the access of some users without
preventing them completely from using FTP. This can be
accomplished with the /etc/ftpchroot
file. This file lists users and groups subject to FTP access
restrictions. The ftpchroot(5) manual page has all of
the details so it will not be described in detail here.
If you would like to enable anonymous FTP access to your
server, then you must create a user named
ftp
on your FreeBSD system. Users will then
be able to log on to your FTP server with a username of
ftp
or anonymous
and
with any password (by convention an email address for the user
should be used as the password). The FTP server will call
chroot(2) when an anonymous user logs in, to restrict
access to only the home directory of the
ftp
user.
There are two text files that specify welcome messages to
be displayed to FTP clients. The contents of the file
/etc/ftpwelcome
will be displayed to
users before they reach the login prompt. After a successful
login, the contents of the file
/etc/ftpmotd
will be displayed. Note
that the path to this file is relative to the login environment, so the
file ~ftp/etc/ftpmotd
would be displayed
for anonymous users.
Once the FTP server has been configured properly, it must
be enabled in /etc/inetd.conf
. All that
is required here is to remove the comment symbol
„#” from in front of the existing
ftpd line :
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
As explained in Przykład 25.1, „Reloading the inetd configuration file”, the inetd configuration must be reloaded after this configuration file is changed.
You can now log on to your FTP server by typing:
%
ftp localhost
The ftpd daemon uses
syslog(3) to log messages. By default, the system log
daemon will put messages related to FTP in the
/var/log/xferlog
file. The location of
the FTP log can be modified by changing the following line in
/etc/syslog.conf
:
ftp.info /var/log/xferlog
Be aware of the potential problems involved with running an anonymous FTP server. In particular, you should think twice about allowing anonymous users to upload files. You may find that your FTP site becomes a forum for the trade of unlicensed commercial software or worse. If you do need to allow anonymous FTP uploads, then you should set up the permissions so that these files can not be read by other anonymous users until they have been reviewed.
All FreeBSD documents are available for download at http://ftp.FreeBSD.org/pub/FreeBSD/doc/
Questions that are not answered by the
documentation may be
sent to <freebsd-questions@FreeBSD.org>.
Send questions about this document to <freebsd-doc@FreeBSD.org>.