Red Hat Enterprise Linux 5 Administration Unleashed

Transferring Files with FTP 389TABLE 19.1Continuedlocal_enable NO If set to YES, local users on the FTP server are allowed tolog in to the server via FTP. Even though the default is NO,the sample configuration file enables this feature. Usecaution when enabling this feature because all communicationsincluding the username and password authenticationare not encrypted.hide_ids NO If set to YES, all user and group file ownership is shownas ftp to hide the real owners and groups.max_clients 0 Maximum number of clients that can connect at one time.If set to 0, the number of clients is unlimited.To start the FTP server, use the service vsftpd start command as root. To stop theserver, use the service vsftpd stop command. To have it automatically started at boottime, use the chkconfig vsftpd on command.If the configuration file is modified after the server is started, use the service vsftpdrestart command to enable the configuration changes.Allowing Anonymous FTPSome FTP servers are configured to allow users to access a set of files even though they donot have a username and password for the server. Instead, the user enters the usernameanonymous. Then, the FTP server usually asks for the person’s email address as the password.Unless the server is configured to deny access to that particular email address password,the user is allowed to browse all the files in a directory set up for anonymous users.Depending on its purpose, the FTP server can be configured to allow anonymous usersread-only access or can be configured to allow users to upload files.Anonymous FTP is enabled by default by setting the anonymous_enable directive in/etc/vsftpd/vsftpd.conf to YES. To disable it, set the directive to NO.If anonymous users are allowed, you can set the default directory into which the users areplaced after logging in. This is set with the anon_root directive in vsftpd.conf. If thisdirective is not set to a directory, anonymous users are placed into the /var/ftp/ directory,created when the vsftpd package is installed. By default, this directory is owned andcan only be written to by root, but is readable by everyone.19If anonymous users are allowed to upload files, consider creating a separate directory suchas /var/ftp/pub/uploads/ for anonymous uploads. It should be writable by everyone, butit does not have to be readable by everyone. Making it not readable by the anonymoususers will discourage people from finding the FTP server and using it for unauthorizedusers such as pirating illegal software.Table 19.2 provides a list of directives for configuring anonymous FTP.