| [c5c522c] | 1 | # Example config file /etc/vsftpd.conf |
|---|
| 2 | # |
|---|
| 3 | # The default compiled in settings are fairly paranoid. This sample file |
|---|
| 4 | # loosens things up a bit, to make the ftp daemon more usable. |
|---|
| 5 | # Please see vsftpd.conf.5 for all compiled in defaults. |
|---|
| 6 | # |
|---|
| 7 | # READ THIS: This example file is NOT an exhaustive list of vsftpd options. |
|---|
| 8 | # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's |
|---|
| 9 | # capabilities. |
|---|
| 10 | # |
|---|
| 11 | # Allow anonymous FTP? (Beware - allowed by default if you comment this out). |
|---|
| 12 | anonymous_enable=NO |
|---|
| 13 | # |
|---|
| 14 | # Uncomment this to allow local users to log in. |
|---|
| 15 | local_enable=YES |
|---|
| 16 | # |
|---|
| 17 | # Uncomment this to enable any form of FTP write command. |
|---|
| 18 | write_enable=YES |
|---|
| 19 | # |
|---|
| 20 | # Default umask for local users is 077. You may wish to change this to 022, |
|---|
| 21 | # if your users expect that (022 is used by most other ftpd's) |
|---|
| 22 | #local_umask=022 |
|---|
| 23 | # |
|---|
| 24 | # Uncomment this to allow the anonymous FTP user to upload files. This only |
|---|
| 25 | # has an effect if the above global write enable is activated. Also, you will |
|---|
| 26 | # obviously need to create a directory writable by the FTP user. |
|---|
| 27 | #anon_upload_enable=YES |
|---|
| 28 | # |
|---|
| 29 | # Uncomment this if you want the anonymous FTP user to be able to create |
|---|
| 30 | # new directories. |
|---|
| 31 | #anon_mkdir_write_enable=YES |
|---|
| 32 | # |
|---|
| 33 | # Activate directory messages - messages given to remote users when they |
|---|
| 34 | # go into a certain directory. |
|---|
| 35 | dirmessage_enable=YES |
|---|
| 36 | # |
|---|
| 37 | # Activate logging of uploads/downloads. |
|---|
| 38 | xferlog_enable=YES |
|---|
| 39 | # |
|---|
| 40 | # Make sure PORT transfer connections originate from port 20 (ftp-data). |
|---|
| 41 | connect_from_port_20=YES |
|---|
| 42 | # |
|---|
| 43 | # If you want, you can arrange for uploaded anonymous files to be owned by |
|---|
| 44 | # a different user. Note! Using "root" for uploaded files is not |
|---|
| 45 | # recommended! |
|---|
| 46 | #chown_uploads=YES |
|---|
| 47 | #chown_username=whoever |
|---|
| 48 | # |
|---|
| 49 | # You may override where the log file goes if you like. The default is shown |
|---|
| 50 | # below. |
|---|
| 51 | #xferlog_file=/var/log/vsftpd.log |
|---|
| 52 | # |
|---|
| 53 | # If you want, you can have your log file in standard ftpd xferlog format |
|---|
| 54 | #xferlog_std_format=YES |
|---|
| 55 | # |
|---|
| 56 | # You may change the default value for timing out an idle session. |
|---|
| 57 | #idle_session_timeout=600 |
|---|
| 58 | # |
|---|
| 59 | # You may change the default value for timing out a data connection. |
|---|
| 60 | #data_connection_timeout=120 |
|---|
| 61 | # |
|---|
| 62 | # It is recommended that you define on your system a unique user which the |
|---|
| 63 | # ftp server can use as a totally isolated and unprivileged user. |
|---|
| 64 | #nopriv_user=ftpsecure |
|---|
| 65 | # |
|---|
| 66 | # Enable this and the server will recognise asynchronous ABOR requests. Not |
|---|
| 67 | # recommended for security (the code is non-trivial). Not enabling it, |
|---|
| 68 | # however, may confuse older FTP clients. |
|---|
| 69 | #async_abor_enable=YES |
|---|
| 70 | # |
|---|
| 71 | # By default the server will pretend to allow ASCII mode but in fact ignore |
|---|
| 72 | # the request. Turn on the below options to have the server actually do ASCII |
|---|
| 73 | # mangling on files when in ASCII mode. |
|---|
| 74 | # Beware that turning on ascii_download_enable enables malicious remote parties |
|---|
| 75 | # to consume your I/O resources, by issuing the command "SIZE /big/file" in |
|---|
| 76 | # ASCII mode. |
|---|
| 77 | # These ASCII options are split into upload and download because you may wish |
|---|
| 78 | # to enable ASCII uploads (to prevent uploaded scripts etc. from breaking), |
|---|
| 79 | # without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be |
|---|
| 80 | # on the client anyway.. |
|---|
| 81 | #ascii_upload_enable=YES |
|---|
| 82 | #ascii_download_enable=YES |
|---|
| 83 | # |
|---|
| 84 | # You may fully customise the login banner string: |
|---|
| 85 | #ftpd_banner=Welcome to blah FTP service. |
|---|
| 86 | # |
|---|
| 87 | # You may specify a file of disallowed anonymous e-mail addresses. Apparently |
|---|
| 88 | # useful for combatting certain DoS attacks. |
|---|
| 89 | #deny_email_enable=YES |
|---|
| 90 | # (default follows) |
|---|
| 91 | #banned_email_file=/etc/vsftpd.banned_emails |
|---|
| 92 | # |
|---|
| 93 | # You may specify an explicit list of local users to chroot() to their home |
|---|
| 94 | # directory. If chroot_local_user is YES, then this list becomes a list of |
|---|
| 95 | # users to NOT chroot(). |
|---|
| 96 | chroot_local_user=YES |
|---|
| 97 | chroot_list_enable=YES |
|---|
| 98 | # (default follows) |
|---|
| 99 | chroot_list_file=/home/system/vsftpd/vsftpd.chroot_list |
|---|
| 100 | # |
|---|
| 101 | # You may activate the "-R" option to the builtin ls. This is disabled by |
|---|
| 102 | # default to avoid remote users being able to cause excessive I/O on large |
|---|
| 103 | # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume |
|---|
| 104 | # the presence of the "-R" option, so there is a strong case for enabling it. |
|---|
| 105 | ls_recurse_enable=YES |
|---|
| 106 | # |
|---|
| 107 | # Enable passive ftp |
|---|
| 108 | pasv_min_port=20000 |
|---|
| 109 | pasv_max_port=21000 |
|---|
| 110 | pasv_enable=YES |
|---|
| 111 | # |
|---|
| 112 | # Don't use xinetd |
|---|
| 113 | listen=YES |
|---|
