- Install the OS, using your favorite method.
- Apply FreeBSD updates, either in binary form or the old long drawn out method of recompiling from source, this depends on your requirements and if you have a custom kernel.
- Create a group, call it ftpusers to make it clear what it's going to be used for.
- Add users to said group when you create them, maybe give them an alternate home like /usr/ftpusers to separate them from the normal users.
- Add the group name you created above to /etc/ftpchroot, don't forget to add an @ before the group name e.g @ftpusers otherwise it won't work.
- Enable FTP Daemon by adding the following line to /etc/rc.conf:
ftpd_enable="YES"
and type this at the command line to start the ftp daemon
/etc/inetd/ftpd start
or in /etc/inetd.conf remove the comment from the ftpd line and type
kill -HUP inetd
at the command line after editing the inetd.conf file to start ftpd.
or reboot, your choice.
And that's pretty much it! Now test it with multiple accounts to make sure it's all good and as expected before deploying or letting your internet friends abuse it.
If you want to allow SSH access to certain people but not others use the nologin shell for those that don't need SSH access, beware there may be flaws in using this method or the shell code which could be exploited if you open SSH to the world, the same applies to an "open" FTP daemon.
No comments:
Post a Comment