Howto: Anonymous FreeBSD FTPD server on LAN

This howto uses FreeBSD's /usr/libexec/ftpd, which will soon be ftp/freebsd-ftpd. It doesn't use a secure connection, so it's not meant for transferring confidential files. The way the anonymous ftpd server is set up here, it doesn't use a password either. Read-only mode is optional.

Add FTP user
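Run adduser and answer its prompts as follows:
Code:
user: ftp
shell: nologin
home directory: choose the default or a custom ftp home directory
To later change the home directory or other variables, use chsh(1). On FreeBSD, ftpd will select the ftp user's home directory as the anonymous ftp directory.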

FTPD directories and permissions
~/ftp/ set ownership to root:wheel and permissions to 755, so it's un-writable by group and other. The ftp user is the original owner when this user directory is created; if the directory itself has to be ftp:wheel, with nothing else under it, for the setup to work, then the configuration is lacking, as the owner needs to be root.
~/ftp/bin/ is needed only if access to the system's commands is restricted.
~/ftp/etc/ is owned by root:wheel and un-writable by anyone, with permissions 555.
~/ftp/pub/ is owned by root:wheel and should be 755 or 775. It shouldn't be owned by ftp or the ftp group, and should be download only. This is where files for sharing on the anonymous ftp server belong. Files in this directory belong to their respective owners, rather than being relevant to the ftp directory structure. To upload, use incoming.
~/ftp/incoming/ is only for anyone, especially anonymous users, to upload files to. It is optional; create it only if you need it for this purpose. Anonymous users should upload files here instead of to pub. Its owner is nobody:wheel; permissions are 1777. To use this directory, read-only mode shouldn't be enabled.
Remove the . (dot) files that come with the newly created ftp directory.
This is according to ftpd(8) and other documentation.
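The layout above can be checked mechanically. The script below is an added example, not part of the original howto or of FreeBSD: it audits an ftp home directory against the owners and modes listed above and reports leftover dot files, without changing anything. The function names check_dir and audit_ftp_tree are hypothetical, and the ftp home directory is passed as an argument because its path depends on what was chosen in adduser.

```shell
#!/bin/sh
# Added example: read-only audit of an anonymous FTP tree against this howto.

# check_dir PATH "ALLOWED MODE STRINGS" OWNER:GROUP
# Prints a finding and returns 1 on any mismatch, 0 when the directory conforms.
check_dir() {
    cd_path=$1; cd_modes=$2; cd_want=$3; cd_rc=0
    [ -d "$cd_path" ] || { echo "MISSING $cd_path"; return 1; }
    # ls -ld is portable; stat(1) format flags differ between FreeBSD and Linux.
    cd_info=$(ls -ld "$cd_path" | awk 'NR==1 {print substr($1,1,10), $3 ":" $4}')
    cd_mode=${cd_info%% *}; cd_have=${cd_info#* }
    case " $cd_modes " in
        *" $cd_mode "*) ;;
        *) echo "MODE    $cd_path is $cd_mode, want: $cd_modes"; cd_rc=1 ;;
    esac
    if [ "$cd_have" != "$cd_want" ]; then
        echo "OWNER   $cd_path is $cd_have, want: $cd_want"; cd_rc=1
    fi
    return $cd_rc
}

# audit_ftp_tree FTPHOME: returns the number of findings (0 = matches the howto).
audit_ftp_tree() {
    ft_home=$1; ft_n=0
    check_dir "$ft_home"     "drwxr-xr-x"            root:wheel || ft_n=$((ft_n + 1))  # 755
    check_dir "$ft_home/etc" "dr-xr-xr-x"            root:wheel || ft_n=$((ft_n + 1))  # 555
    check_dir "$ft_home/pub" "drwxr-xr-x drwxrwxr-x" root:wheel || ft_n=$((ft_n + 1))  # 755/775
    if [ -d "$ft_home/incoming" ]; then   # optional upload directory
        check_dir "$ft_home/incoming" "drwxrwxrwt" nobody:wheel || ft_n=$((ft_n + 1))  # 1777
    fi
    for ft_f in "$ft_home"/.[!.]*; do     # leftover dot files from user creation
        if [ -e "$ft_f" ]; then echo "DOTFILE $ft_f"; ft_n=$((ft_n + 1)); fi
    done
    return "$ft_n"
}

# Run the audit when a directory is given on the command line.
if [ $# -gt 0 ]; then
    audit_ftp_tree "$1" && echo "OK: $1 matches the layout" || echo "$? finding(s) in $1"
fi
```

Run it with the ftp user's home directory as the only argument; a world-writable pub/ or an ftp-owned top directory shows up as a MODE or OWNER line.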

/etc/ftpusers is where to place users who are denied access.
/etc/ftpwelcome is where a welcome message can be placed.
~/ftp/etc/ftpmotd is where a message shown after successfully logging in can be placed.

Trying server and client
Start the anonymous server by running /usr/libexec/ftpd -A -D. The -A flag is for anonymous, and -D is for starting as a daemon. The -r flag is optional and enables read-only mode; use it only if you want to prevent uploads to the incoming/ directory of your anonymous server.

Test with ftp localhost first, then try ftpd by using the IP address of your computer listed by ifconfig(8). Optionally, add an alias through rc.conf and restart netif:
Code:
ifconfig_re0_alias0="inet 192.168.10.1 netmask 0xffffff00"
In my case, this is a Class C IP address. To make the ftpd server available outside of the computer, firewall settings may need to be temporarily disabled, to adjust settings and test functionality. ftp uses port 21, per /etc/services.

To see the port running, use ps ax | grep ftp or sockstat -l | grep ftp as root.

Make configuration permanent
FreeBSD's version of ftpd comes with its own service startup script. rc.conf:
Code:
ftpd_enable="YES"
ftpd_flags="-A -D"
The -r flag is optional, depending on whether you want to be able to upload to the incoming/ directory of your anonymous ftp server. For other ftpd's without a service startup script available, one would use inetd.conf(8) instead.

FTP usage
Choose "ftp" or its login alias of "anonymous" as the user, then press enter for the password. Other users can be added as anonymous through /etc/ftpchroot.

On the ftp console, use ? for help. Use close to exit a connection. Then, enter ftp to try to connect to a local network address. Instead of the IP address, your computer's hostname followed by .lan can be used; this hostname can be found in rc.conf. If the wrong user was entered, the user command can be used. Use ls and cd to move around in the ftp directories, and get to retrieve files. This can be used on your local computer for testing; however, it is also useful on the network. mget and mput are for multiple downloads or uploads. lcd is to change directories outside of the ftp directory for saving: not applicable to anonymous users.

Using from smart phone
For using this ftp directory from your smart phone, the apps FTP Client and Total Commander with its ftp plugin can be used to access this anonymous ftpd directory. Use the IP address of your computer, its alias, or its hostname with the LAN name.

About alternative ftp servers
For reference, this isn't tftpd/tftp (traditional/trivial ftp), as that doesn't have these commands and is for more limited, though for some purposes essential, use. With tftpd(8), you must know the file name, and it uses the /tftpboot/ directory. tftpd also runs on port 69, as opposed to port 21. It's typically for diskless booting.

For an attempted comparison of non-viral licensed ftp servers and hints about their use: Thread netbsds-tnftpd-compared-to-other-ftp-servers.95259. That thread had to be re-edited and corrected. There's also mention of secure FTP servers which use SSL/TLS.

Refs
  • Network Administration with FreeBSD 7
  • BSD UNIX Toolbox
  • FreeBSD 6 Unleashed
  • FreeBSD documentation
 