sudo nano /etc/vsftpd.conf
#uncomment these settings
#for write access (keep each comment on its own line: vsftpd does not accept a trailing "#..." after a value)
write_enable=YES
local_umask=022
#chroot_local_user restricts local users to their home directories (/home/{user}/)
chroot_local_user=YES
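#Add these lines at the bottom of the file
#allow_writeable_chroot=YES turns off vsftpd's refusal to chroot into a directory the user can write to; a stricter setup keeps the home directory non-writable and gives the user a writable subdirectory instead
allow_writeable_chroot=YES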
pasv_enable=Yes
pasv_min_port=1024
pasv_max_port=1048
port_enable=YES
#If you use AWS EC2 and have a fixed public IP address, add these lines
pasv_addr_resolve=NO
pasv_address=<SERVER_IP_ADDRESS>
#If you do not have a fixed IP address, then add these lines
pasv_addr_resolve=YES
pasv_address=<SERVER_FQDN OR SERVER_PUBLIC_IP_ADDRESS>
Create FTP user & allow login access to nologin shell
sudo useradd -m foo -s /usr/sbin/nologin
sudo passwd foo
sudo nano /etc/shells #open this file
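Add "/usr/sbin/nologin" to /etc/shells (vsftpd's PAM configuration typically rejects users whose shell is not listed there; the entry is seen by every service that consults /etc/shells, not only FTP)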
#restart vsftpd
sudo service vsftpd restart
Open ports in AWS EC2 instance security groups
TCP 20 to 21
TCP 1024 to 1048 #if passive mode is enabled
#again restart vsftpd
sudo service vsftpd restart
Test FTP connection
ftp <Hostname or Server IP Address> #for normal terminal test
#for test using ruby
require 'net/ftp'
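# Connectivity test for the FTP server configured above.
# Every <...> token is a placeholder: substitute a quoted string before running.
# Plain FTP carries the password and the file contents unencrypted, so run
# this with a dedicated test account rather than a privileged one.
ftp = Net::FTP.new
begin
  ftp.connect(<Hostname or Server IP Address>, 21)
  ftp.login(<ftpuser>,<ftpuser password>)
  # Passive mode: the client opens the data connection, using the
  # pasv_min_port..pasv_max_port range set in vsftpd.conf.
  ftp.passive = true
  ftp.getbinaryfile(<remote file>, <local file>) #download file
ensure
  # Release the control connection even when login or the download raises.
  ftp.close
end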
#Sometimes PASV (passive mode) fails with some servers; EPSV (extended passive mode) can be used instead
#by overriding 'makepasv' in Net::FTP
#file epsv.rb
require 'net/ftp'
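module Net
  # Reopens Net::FTP so that passive-mode data connections are negotiated
  # with EPSV (extended passive mode) instead of PASV.
  #
  # NOTE: this is a process-wide monkey patch. Once this file is loaded,
  # every Net::FTP instance uses EPSV, including connections made by other
  # libraries in the same process.
  class FTP
    # Asks the server for a passive data port using EPSV.
    #
    # The reply to EPSV is a 229 response, so it is always parsed with
    # parse229, whatever the address family of the control connection.
    # The previous version handed the EPSV reply to parse227 on the
    # non-AF_INET path; parse227 only accepts replies starting with "227"
    # and therefore raised on every such connection.
    #
    # A 229 reply carries only a port number. parse229 is expected to take
    # the host from the existing control connection rather than from the
    # server's reply (confirm against the installed net-ftp version).
    #
    # @return [Array(String, Integer)] host and port for the data connection
    # @raise [Net::FTPReplyError] if the server does not answer with 229
    # @raise [Net::FTPProtoError] if the 229 reply cannot be parsed
    def makepasv
      parse229(sendcmd('EPSV'))
    end
  end
end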