Guide On How To Install A Poor Mans FTP On FreeBSD

Guide On How To Install A Poor Mans FTP On FreeBSD 2017-08-04T09:40:16+00:00

A Step By Step Guide On How To Install How To Install A Poor Mans FTP On FreeBSD
Sometimes you just need a simple FTP service with no fuzz for like a few minutes and that’s it. So instead of installing a full fledged FTP server you have the option to use FreeBSD’s build in FTP service. Setting this up is quite easy. It’s a simple matter of enabling FTP in the “Inetd Super Server” configuration and then either start inetd everytime you need FTP or make inetd startup whenever the server starts or reboots.. Be advised though this is not as fancy a solution as a real FTP server.

Right let’s get started then shall we. First we need to enable ftp in the file /etc/inetd.conf so find the following line.

# To enable a service, remove the '#' at the beginning of the line.
#
#ftp    stream  tcp     nowait  root    /usr/libexec/ftpd       ftpd -l
#ftp    stream  tcp6    nowait  root    /usr/libexec/ftpd       ftpd -l

And then remove the # mark for the line containing ftp like this.

# To enable a service, remove the '#' at the beginning of the line.
#
ftp    stream  tcp     nowait  root    /usr/libexec/ftpd       ftpd -l
#ftp    stream  tcp6    nowait  root    /usr/libexec/ftpd       ftpd -l

And we are actually ready, well not quite there are some precautions we need to take that most people forget when using this method. But let’s try and start it up shall we? Please note that the method for starting up inetd below will not survive a reboot more on that later.

/etc/rc.d/inetd onestart

You should now be able to FTP to your machine using your shell login credentials. That is unless your firewall is preventing it.

If you want to always have this enabled (not advised use a real FTP server instead) add the following line to /etc/rc.conf

inetd_enable="YES"

Warning Here is where the precautions comes in I talked about earlier. By default users are not chrooted and all existing users on the system can in theory FTP in to the server and even browse all files and folders if you use this method, unless you chroot them to their homedir. This can be done like this.

touch /etc/ftpchroot

And then you would add users to be chrooted to their homedir like this.

echo "johndoe" >> /etc/ftpchroot

But wait you say. What about the fact that all who has an account in theory can log in? Glad you asked I’m getting to this. This FTP method uses a how shall I describe it? A list of users who are “Not” allowed to ftp the server. The term “reverse control file” springs to mind. Here is how it’s done. Create the control file first.

touch /etc/ftpusers

Now this file should contain the list of users who are “Not” allowed to FTP into the system using the above method. That list should for starters as a minimum have the following accounts listed.

root
toor
daemon
operator
bin
tty
kmem
games
news
man
sshd
smmsp
mailnull
bind
unbound
proxy
_pflogd
_dhcp
uucp
pop
auditdistd
www
hast
nobody

Once these are added to /etc/ftpusers you can feel a bit more safe. Remember though this is a poor mans FTP solution, and I would recommend using a real FTP server if this is something you need in the long run.

And we are done here.

Spell checkers don’t – Grammar checkers don’t either.