How to Configure vsftpd an Anonymous FTP Server

Anonymous vsftpd server

This article will show you how to configure vsftpd as an anonymous FTP server which does not require authentication.

vsftpd is an FTP file server which can run on Linux.

FTP is is the file transfer protocol. It’s been around forever (since the 1970’s!), so it works with just about everything.

I run vsftp on an openwrt router as a quick and dirty file sharing solution that will work with even the oldest of my devices (including Windows 3.1 and old Macintosh computers).

The software for these old machines is often picky about connecting to modern FTP servers, and doesn’t support many of the features of modern servers.  A simple vsftp server without authentication allows me to transfer files and software to these old machines with ease.

Anonymous FTP Server?

An anonymous FTP server simply means no username or password is required to log in, all files are public read/writable.

Because of this, anyone with access can log in and modify files.

Due to this, make sure your server is only accessible from your local network only!

Additionally, this configuration is for unencrypted FTP, so again, it’s not for use on the internet.

Fixing Common Errors

The configuration provided below fixes these two common errors when creating anonymous ftp shares with vsftpd:

500 OOPS: cannot change directory:/home/ftp
500 OOPS: refusing to run with writable root inside chroot()

Creating FTP Server Directories

vsftpd will need two directories to host the ftp server.

The first is the root directory. It cannot be publicly writable.

The second is a subdirectory of the root directory – it must be publicly writable so your anonymous users have somewhere they can upload files to.

Create and set the permissions for these two directories by issueing the following commands, replacing /mnt/sda1/ftp with the path to the location you wish to share via FTP:

mkdir /mnt/sda1/ftp
mkdir /mnt/sda1/ftp/uploads
chmod 775 /mnt/sda1/ftp
chmod 777 uploads

Full Working Configuration File

Next, edit the vsftpd configuration file located at:

/etc/vsftpd.conf

Below, is the full configuration which you can copy and paste into your own file. The comments explain what’s going on.

# Default Options

# Run vsftpd in the background
background=YES
# Listen for incoming connections
listen=YES
# Allow writing files
write_enable=YES
# File creation mask for local users - not used, but part of the default config, so I've left it in
local_umask=022
# Do not check for a valid user shell
check_shell=NO
# Do not maintain session logins
session_support=NO

# Anonymous FTP server specific stuff

# Enable anonymous logins
anonymous_enable=YES
# Disable local user logins - they won't be used
local_enable=NO
# Set the root path for the FTP server files
# This must NOT be publicly writable - ensure it's set with chmod permissions 775 at least
anon_root=/mnt/sda1/ftp
# Allow anonymous users to create directories
anon_mkdir_write_enable=YES
# Allow anoynmous users to upload files
anon_upload_enable=YES
# Allow anonymous users to rename and delete files
anon_other_write_enable=YES
# Do not ask for password for anonymous user
no_anon_password=YES
# Hide user/group info in directory listings
hide_ids=YES
# The name of the anonymous FTP user - this  fixes the 'cannot change directory' error
ftp_username=nobody
# Make newly uploaded files read/writable
anon_umask=000

More Configuration Options

For more configuration options, you can view the full user manual for configuring vsftpd at:

http://vsftpd.beasts.org/vsftpd_conf.html

Connect!

Reboot your system to ensure the configuration is completely applied, and then you will be able to connect using any FTP client.

SHARE:
nv-author-image

Brad Morton

I'm Brad, and I'm nearing 20 years of experience with Linux. I've worked in just about every IT role there is before taking the leap into software development. Currently, I'm building desktop and web-based solutions with NodeJS and PHP hosted on Linux infrastructure. Visit my blog or find me on Twitter to see what I'm up to.

Leave a Reply

Your email address will not be published. Required fields are marked *