We have been testing a PTZ camera set up for various monitoring purposes. I’ve disabled the WiFi and hardwired it for a bit tighter security. I’m able to power cycle via its GUI, and if the system freezes, I can power cycle it via a WiFi outlet controller.
Now all that’s left to do is set up motion triggers, alerts, and a file server. Let’s get to it.
first, let’s get our system updated:
:~$ sudo apt update && sudo apt upgrade
This will get our tools up-to-date.
I decided on vsftpd as it seems to be the most recommended FTP service for Debian Buster.
:~$ sudo apt install vsftpd
Check the service is running:
:~$ sudo systemctl status vsftpd
Configure the FTP server:
The vsftpd configuration file is located at /etc/vsftpd.conf – before modifying it, let’s first back it up:
:~$ sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.bak
If instead you wanted to first confirm this file’s existence, you could do ls -a /etc , or you could do something like:
[[ -f "/etc/vsftpd.conf" ]] && echo 1 || echo 0
Once copied, we are safe to edit – use your editor of choice – but remember, since we’re in /etc, this is a protected file and requires authentication to edit:
:~$ sudo vi /etc/vsftpd.conf
Change the following lines:
listen=YES
#listen_ipv6=NO
write_enable=YES
#connect_from_port_20=YES
listen_port=21
The next block is of note because it forces strict file modification permissions – i.e. sudoers shouldn’t be able to use FTP as a means to overwrite a user’s files (if that is allowed/necessary, it should happen via the file system).
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
If you reviewed the contents of /etc earlier, you may recall that this file doesn’t yet exist – so we’ll have to make it. But first we need to save our vsftpd.conf file. If you’re in vi and forgot to use sudo or your sudo time ran out, you can do this:
:w !sudo tee %
Details on how this works here.
If you want to check your enabled settings, run this:
sudo cat /etc/vsftpd.conf | grep -v "^#"Now we can create the user list file:
:~$ sudo vi /etc/vsftpd.chroot_list
Then add viable users to it and save ( :wq~ in vi):
myuser
To add more users simply add them as system accounts, and then include them in /etc/vsftpd.chroot_list
You’ll then need to restart the vsftpd service:
:~$ sudo systemctl restart vsftpd
Now you can connect via ftp://your.ip.address and any enabled credentialsResources
- https://www.osradar.com/how-to-set-up-an-ftp-server-on-debian-10-buster/
1 thought on “Debian 1 – Installing and configuring an FTP server”