|
Several FTP servers are available for the Linux platform. With SLES, two commonly used FTP servers are Pure-FTP (pure-ftpd) and VSFTP (vsftpd). Both of these FTP servers are included with SLES distributions and may be optionally installed during the OES installation. The Pure-FTP server is intended to provide fast, lightweight FTP access to a Linux server. It offers a focus on tight integration with the Linux kernel and a standards-compliant and security-aware design. The VSFTP server, or Very Secure FTP server, is an FTP server that was coded with a focus on security. Given the focus of this server, it is the FTP server most commonly used with SLES and will be the center of this discussion. Regardless of the server you select, the purpose of an FTP server is to provide a means of easily transferring files over network connections. All File Transfer Protocol (FTP) servers communicate over TCP/IP and should conform to RFC 959. The VSFTP server meets these requirements. When the primary VSFTP server daemon (vsftpd) is started, you can perform file transfers from any FTP client to the OES Linux Server. This is normally done by authenticating as a local user to the FTP server. However, if you are also using the LUM component of OES, FTP users can be configured for redirection back to your Novell eDirectory tree. Without LUM, the FTP server will be limited to authenticating locally stored users only. For more information on LUM, please see Chapter 8, "Users and Network Security." The VSFTP server is a fully functional FTP server with many features, such as those in the following list. This section provides basic installation and configuration information so that you can use FTP file access with NetDrive.
For detailed information on all VSFTP server features, see the VSFTP homepage at http://vsftpd.beasts.org/. Installing FTP ServerThe VSFTP server can be installed as an optional component during the OES Linux installation or it can be installed later through YaST. To install VSFTP using YaST:
When the VSFTP server has been installed, and enabled within xinetd, you are ready to configure the FTP server. Configuring the FTP ServerBefore you start the vsftpd server daemon, you should configure it by adjusting the configuration parameters found in the configuration file. The default configuration file is /etc/vsftpd.conf. The parameters in this configuration file do include comments; however, full descriptions, including default values for parameters, are only available through the man page (man 5 vsftpd.conf). The vsftpd server daemon can be run in two modes: standalone or behind xinetd. From a security perspective, running vsftpd behind xinetd is a commonly used configuration. However, if the FTP service is expected to be heavily used, or if additional security is not necessary (LAN-only accessible location), running the FTP server in standalone mode is an option. When you configure vsftpd, some options are only applicable to the standalone mode of vsftpd. For example, the IP address the FTP server will listen on can be configured via the listen_address parameter within vsftpd.conf. However, this parameter will only be recognized in standalone mode. When protected by xinetd, the IP address configuration is performed within xinetd. The vsftpd server daemon reads the default configuration file /etc/vsftpd.conf upon daemon startup and configures itself accordingly. If any change is made to this file, the next FTP connection will cause xinetd to spawn a new session of the FTP daemon and the new configuration will automatically take affect. GENERAL SETTINGSThe General section of the configuration file is used to configure system-wide behavior of the VSFTP server. Table 12.1 lists the available General server settings, with a brief description and the default setting in the configuration file.
TRANSFER SETTINGSThe Transfer section of the configuration file is used to configure file transfer behavior of the VSFTP server. Table 12.2 lists the available Transfer server settings, with a brief description and the default setting in the configuration file.
LOCAL USER SETTINGSThe Local User section of the configuration file is used to configure the FTP capabilities and environment for local users. These settings also apply to LUM users if the LUM component of OES is enabled. Table 12.3 lists the available Local User settings, with a brief description and the default setting in the configuration file.
ANONYMOUS USER SETTINGSThe Anonymous User section of the configuration file is used to configure the FTP capabilities and environment for anonymous, or guest, users. Table 12.4 lists the available Anonymous User settings, with a brief description and the default setting in the configuration file.
LOG SETTINGSThe Log Settings section of the configuration file is used to configure the logging behavior of the FTP server. Table 12.5 lists the available Log settings, with a brief description and the default setting in the configuration file.
With a basic FTP server running, NetDrive can be used by OES clients to access FTP resources, as described earlier in this chapter. For more information on using an FTP server in more general situations, see the SLES online documentation, or the vsftpd documentation at http://vsftpd.beasts.org/. |
|