The File Transfer Protocol (FTP) provides users with a simple way to transfer files to and from an FTP server. FreeBSD includes FTP server software, ftpd, in the base system. This makes setting up and administering an FTP server on FreeBSD very straightforward.
The most important configuration step is deciding which
accounts will be allowed access to the FTP server. A normal
FreeBSD system has a number of system accounts used for
various daemons, but unknown users should not be allowed to
log in with these accounts. The
/etc/ftpusers
file is a list of users
disallowed any FTP access. By default, it includes the
aforementioned system accounts, but it is possible to add
specific users here that should not be allowed access to
FTP.
In some cases it may be desirable to restrict the access
of some users without
preventing them completely from using FTP. This can be
accomplished with the /etc/ftpchroot
file. This file lists users and groups subject to FTP access
restrictions. The ftpchroot(5) manual page has all of
the details so it will not be described in detail here.
To enable anonymous FTP access to the
server, create a user named
ftp
on the FreeBSD system. Users will then
be able to log on to the FTP server with a username of
ftp
or anonymous
and
with any password (by convention an email address for the user
should be used as the password). The FTP server will call
chroot(2) when an anonymous user logs in, to restrict
access to only the home directory of the
ftp
user.
There are two text files that specify welcome messages to
be displayed to FTP clients. The contents of the file
/etc/ftpwelcome
will be displayed to
users before they reach the login prompt. After a successful
login, the contents of the file
/etc/ftpmotd
will be displayed. Note
that the path to this file is relative to the login
environment, so the file ~ftp/etc/ftpmotd
would be displayed for anonymous users.
Once the FTP server has been configured properly, it must
be enabled in /etc/inetd.conf
. All that
is required here is to remove the comment symbol
“#” from in front of the existing
ftpd line :
As explained in Example 30.1, “Reloading the inetd Configuration File”, the inetd configuration must be reloaded after this configuration file is changed. Please refer to Section 30.2.2, “Settings” for details on enabling inetd on the system.
Alternatively, ftpd can also be
started as a stand-alone server. In this case, it is
sufficient to set the appropriate variable in
/etc/rc.conf
:
After setting the above variable, the stand-alone server
will be started at the next reboot, or it can be started
manually by executing the following command as
root
:
#
service ftpd start
You can now log on to the FTP server by typing:
%
ftp localhost
The ftpd daemon uses
syslog(3) to log messages. By default, the system log
daemon will put messages related to FTP in the
/var/log/xferlog
file. The location of
the FTP log can be modified by changing the following line in
/etc/syslog.conf
:
Be aware of the potential problems involved with running an anonymous FTP server. In particular, think twice about allowing anonymous users to upload files. It may turn out that the FTP site becomes a forum for the trade of unlicensed commercial software or worse. If anonymous FTP uploads are required, then verify the permissions so that these files can not be read by other anonymous users until they have been reviewed by an administrator.
This, and other documents, can be downloaded from http://ftp.FreeBSD.org/pub/FreeBSD/doc/
For questions about FreeBSD, read the
documentation before
contacting <questions@FreeBSD.org>.
For questions about this documentation, e-mail <doc@FreeBSD.org>.