VSFTPD allows anonymous login regardless
knute at frazmtn.com
Sat Sep 29 16:46:22 UTC 2007
>>> Hi all
>>> I have VSFTPD setup to allow only local user authentication, but it
>>> still allows anonymous connections and displays the contents of /
>>> ftp, what am I doing wrong?
>>> I've included pertinent information from my vsftpd.conf file. Many
>> Did you get a answer to this yet?
>> I hate to suggest this (because I got caught the other day with the
>> ports closed when I thought they were open) but did you restart it
>> after you changed vsftpd.conf?
>No answer apart from yours. Thanks for the tip but I restarted VSFTPD
>after eveery config change, and then restarted it more when it didn't
>work as I expected :(
Unless you specify chroot_local_user a local user can see the whole
Do you have tcp_wrappers set to yes? You can use that to limit where
connections come from.
Is it possible that the ftp client you are using is really sending a
local user name?
There are a lot of subtle things that interact with vsftpd and it
doesn't report anything, ever, as far as I can tell.
Until you figure out the problem, tcp_wrappers is a simple solution
to keep out the unwanted.
More information about the ubuntu-users