FTP Users
From WL-HDD Wiki
| WL-HDD Contents |
|---|
| What is the WL-HDD |
| Features |
| Pro's/con's |
| Reviews |
| Hacking |
| Inserting the HDD |
| Hacking Guides |
| Basic setup guides |
| Packages guides |
| Requests |
| Troubleshooting |
| This Wiki |
| Credits |
| Editing help |
| Contact Me |
Contents |
[edit] Prerequisites
To complete this guide, the following is assumed:
| You are running Oleg's firmware (1.9.2.7-6b or later) |
| You have harddisk partitions up and running with an extended filesystem mounted to /opt |
| You have installed the Ipkg package system. |
| You have configured your partitions to automount. |
| You have setup and successfully ran VSFTP from within your LAN. |
| You have created a new user called 'share' using the Adding Users Guide. |
[edit] Getting Started
The first thing we should do is to check that the user 'share' is able to login to the router.
Once you have logged into the router with Telnet or SSH, type
login share password [share@asus share]$
If this is successful then there is no reason to suggest why an FTP login won't work.
Now, whilst logged in as 'share' we will put a blank file called hello in the folder /opt/home/share First set the user permissions for the /opt/home/share folder
chown -R share /opt/home/share chgrp -R users /opt/home/share chmod -R 700 /opt/home/share
Note that no other user in the group 'users' will have access to /opt/home/shared using the setup above.
If you wish to allow users in the group 'users' to access /opt/home/share then you will need to change the chmod command accordingly. See the chmod guide.
touch /opt/home/share/hello
Now end the telnet session and open a windows command line or linux terminal.
Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\Documents and Settings\Lumb>ftp 192.168.1.8 Connected to 192.168.1.8. 220 Welcome to the Lumb FTP server User (192.168.1.8:(none)): share 331 Please specify the password. Password: 230 Login successful. ftp>
Note that the password will be the one that you specified when you created the user share. Now lets see if we can find that file:
ls
ftp> ls 200 PORT command successful. Consider using PASV. 150 Here comes the directory listing. hello 226 Directory send OK. ftp: 7 bytes received in 0.00Seconds 7000.00Kbytes/sec. ftp>
As you can see, the file hello is listed.
[edit] Chrooting VSFTP
Note that the user 'share' is able to leave the home directory.
However, this can and probably should be changed. This can be done with a vsftpd parameter called chroot_list_enable in the vsftpd.conf file.
Chroot makes the FTP user's home directory the root directory (/). Therefore, they are not able to leave their home directory. (/opt/home/share becomes /).
Login to the router as root using Telnet or SSH.
cd /opt/etc/ nano vsftpd.conf
Scroll to the chroot section and change the values so that they are the same as below:
# You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of # users to NOT chroot(). chroot_list_enable=YES # (default follows) chroot_list_file=/opt/etc/vsftpd.chroot_list
Save the file and Exit Nano
Ctrl + O Ctrl + X
Now lets create the chroot_list_file, this file contains a list of all users that you want to chroot.
nano /opt/etc/vsftpd.chroot_list
add the line 'share' and any other users you wish to chroot
share other user 1 other user 2
Save and Exit nano
[edit] Restart VSFTP
Now we need to restart VSFTPD to enable the changes. First lets kill vsftpd and xinetd.
killall vsftpd killall xinetd
This can also be done by doing
ps -e (note down the relevant PID's) kill # kill #
where # represents the PID of vsftpd and then xinetd
Now lets restart the daemon
cd /opt/etc/init.d ./S10xinetd exit
All of that can be done in one step by simply rebooting the router aswell!
reboot
Now open a command line or terminal again and login to VSFTP as the user 'share' The pwd command should return the following (/) rather than (/opt/home/share)
Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\Documents and Settings\All Users>ftp 192.168.1.8 Connected to 192.168.1.8. 220 Welcome to the Jono's FTP server User (192.168.1.8:(none)): share 331 Please specify the password. Password: 230 Login successful. ftp> pwd 257 "/" ftp>
Well thats basically it then. You can add more users using the Adding Users guide.
