# Run standalone? vsftpd can run either from an inetd or as a standalone # daemon started from an initscript. listen=YES # Allow anonymous FTP? (Disabled by default) anonymous_enable=NO # Uncomment this to allow local users to log in. local_enable=YES #local_enable=YES # Uncomment this to enable any form of FTP write command. write_enable=YES # Default umask for local users is 077. You may wish to change this to 022, # if your users expect that (022 is used by most other ftpd's) local_umask=022 # Uncomment this to allow the anonymous FTP user to upload files. This only # has an effect if the above global write enable is activated. Also, you will # obviously need to create a directory writable by the FTP user. anon_upload_enable=NO # Uncomment this if you want the anonymous FTP user to be able to create # new directories. anon_mkdir_write_enable=NO # Activate directory messages - messages given to remote users when they # go into a certain directory. dirmessage_enable=YES # If enabled, vsftpd will display directory listings with the time # in your local time zone. The default is to display GMT. The # times returned by the MDTM FTP command are also affected by this # option. use_localtime=YES # Activate logging of uploads/downloads. xferlog_enable=YES # You may override where the log file goes if you like. The default is shown # below. xferlog_file=/var/log/vsftpd.log # If you want, you can have your log file in standard ftpd xferlog format. # Note that the default log file location is /var/log/xferlog in this case. xferlog_std_format=NO # You may change the default value for timing out an idle session. idle_session_timeout=600 # You may change the default value for timing out a data connection. data_connection_timeout=120 # You may fully customise the login banner string: ftpd_banner=Welcome to Lunetikks FTP # You may restrict local users to their home directories. See the FAQ for # the possible risks in this before using chroot_local_user or # chroot_list_enable below. chroot_local_user=YES # # This option should be the name of a directory which is empty. Also, the # directory should not be writable by the ftp user. This directory is used # as a secure chroot() jail at times vsftpd does not require filesystem # access. secure_chroot_dir=/var/run/vsftpd/empty # This string is the name of the PAM service vsftpd will use. #pam_service_name=vsftpd pam_service_name=ftp # This option specifies the location of the RSA certificate to use for SSL # encrypted connections. rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem # This option specifies the location of the RSA key to use for SSL # encrypted connections. rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key allow_writeable_chroot=YES # only allow login by users in /etc/vsftpd.users userlist_enable=YES userlist_deny=NO userlist_file=/etc/vsftpd.users #split the log into two files (needed for fail2ban) dual_log_enable=YES