############## Yum Server Through FTP #############################
1. Install vsftpd (Very Secure ftp) Package.
2. Service vsftpd restart ( Main Demn ftp).
3. chkconfig vsftpd on
Main ftp directory /var/ftp/pub. Create directory under pub lets say centos.
Now copy all the rpm in this directory.
#cp -var * /var/ftp/pub/centos
4. Install createrepo
[root@mail Packages]# yum install createrepo
5.[root@mail Packages]# yum clean all
6. [root@mail Packages]# createrepo /var/ftp/pub/centos/
7. Now create .repo for local and for client
[root@mail Packages]# cd /etc/yum.repos.d/
[root@mail yum.repos.d]# touch ftp.repo
[root@mail yum.repos.d]# vim ftp.repo
copy and paster following ftp.repo
#-- repo id
[ftp]
# -- name of repo
Name = ftp repo
# - path of repo
baseurl = file///var/ftp/pub/centos
-- disable = 0, enabled = 1
enabled = 1
#gpg file path
gpgcheck = 0
### Client side adding repo ###
create the following .repo file
[ftp]
Name = ftp repo
baseurl = ftp://172.16.3.108/pub/centos
enabled = 1
gpgcheck = 0
This type of ftp created is anonymous ftp which means anybody can access the ftp server.
############## Securing ftp with username & password #######################
# Create a ftp user with password
1. # useradd ftp
2. # passwd ftp
# deny ssh access to ftp user
3. #usermod -s /sbin/nologin test
# Now create a file chroot_list and add ftp user entery into this
4. #vim /etc/vsftpd/chroot_list
Note : make ftp sure user entery should not be in these two files "ftpusers", "user_list" which is under localtion /etc/vsftpd. If ftp user entery exists remove it.
# Making changes in main config file vsftpd.conf for user access
[root@mail vsftpd]# vim /etc/vsftpd/vsftpd.conf
Line
No
12 anonymous_enable=NO
39 xferlog_enable=YES (log file)
# Line no 82 means log will be created in two files. One is xferlog.log, second is vsftpd.log which is under location /var/log
82 dual_log_enable=YES
# Line no 83 means files will not be downloaded from the ftp server.Only user can upload the files.
83 download_enable=NO
85 ftpd_banner=Welcome to FTP Server made by Vijay Kumar
97 chroot_list_enable=YES
99 chroot_list_file=/etc/vsftpd/chroot_list
:wq
https://security.appspot.com/vsftpd/vsftpd_conf.html
1. Install vsftpd (Very Secure ftp) Package.
2. Service vsftpd restart ( Main Demn ftp).
3. chkconfig vsftpd on
Main ftp directory /var/ftp/pub. Create directory under pub lets say centos.
Now copy all the rpm in this directory.
#cp -var * /var/ftp/pub/centos
4. Install createrepo
[root@mail Packages]# yum install createrepo
5.[root@mail Packages]# yum clean all
6. [root@mail Packages]# createrepo /var/ftp/pub/centos/
7. Now create .repo for local and for client
[root@mail Packages]# cd /etc/yum.repos.d/
[root@mail yum.repos.d]# touch ftp.repo
[root@mail yum.repos.d]# vim ftp.repo
copy and paster following ftp.repo
#-- repo id
[ftp]
# -- name of repo
Name = ftp repo
# - path of repo
baseurl = file///var/ftp/pub/centos
-- disable = 0, enabled = 1
enabled = 1
#gpg file path
gpgcheck = 0
### Client side adding repo ###
create the following .repo file
[ftp]
Name = ftp repo
baseurl = ftp://172.16.3.108/pub/centos
enabled = 1
gpgcheck = 0
This type of ftp created is anonymous ftp which means anybody can access the ftp server.
############## Securing ftp with username & password #######################
# Create a ftp user with password
1. # useradd ftp
2. # passwd ftp
# deny ssh access to ftp user
3. #usermod -s /sbin/nologin test
# Now create a file chroot_list and add ftp user entery into this
4. #vim /etc/vsftpd/chroot_list
Note : make ftp sure user entery should not be in these two files "ftpusers", "user_list" which is under localtion /etc/vsftpd. If ftp user entery exists remove it.
# Making changes in main config file vsftpd.conf for user access
[root@mail vsftpd]# vim /etc/vsftpd/vsftpd.conf
Line
No
12 anonymous_enable=NO
39 xferlog_enable=YES (log file)
# Line no 82 means log will be created in two files. One is xferlog.log, second is vsftpd.log which is under location /var/log
82 dual_log_enable=YES
# Line no 83 means files will not be downloaded from the ftp server.Only user can upload the files.
83 download_enable=NO
85 ftpd_banner=Welcome to FTP Server made by Vijay Kumar
97 chroot_list_enable=YES
99 chroot_list_file=/etc/vsftpd/chroot_list
:wq
https://security.appspot.com/vsftpd/vsftpd_conf.html
No comments:
Post a Comment