1

I want to configure my vsftpd server to accept anonymous FTP.

I used the following /etc/vsftpd.conf:

listen=YES
anonymous_enable=YES

local_enable=NO

write_enable=YES
anon_root=/tmp/
anon_max_rate=2048000
xferlog_enable=YES
allow_writeable_chroot=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=NO
chroot_list_enable=NO
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key

And then I restarted vsftpd with:

sudo service vsftpd restart

And then I tried to connect to the FTP server from another PC as "anonymous", but I got an error:

$ ftp 192.168.1.68
Connected to 192.168.1.68.
220 (vsFTPd 3.0.2)
Name (192.168.1.68:mohamed): anonymous
331 Please specify the password.
Password:
500 OOPS: vsftpd: refusing to run with writable root inside chroot()
Login failed.
ftp>

What am I missing?

Improve this question

1 Answer 1

Reset to default
1

It's a "new" security feature vsftpd: refusing to run with writable root inside chroot

You must disable write rights on the root dir chmod a-w yourdirectory

This was reason enough for me to move to pure-ftpd

Improve this answer
2
  • what's the root dir in my case?
    – Mohamed KALLEL
    Commented Feb 19, 2016 at 9:48
  • you have set anon_root=/tmp but i wouldn't recommend disabling write rights on tmp, that would affect many other things, better make another directory
    – Sidias-Korrado
    Commented Feb 19, 2016 at 13:05

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .