1 open holes in the firewall
Use OpenWRT's web interface (luci): open tcp:20 and tcp:21 for plain old unencrypted ftp.
2 install vsftpd
opkg update
opkg install vsftpd |
3 create the ftp directory
mkdir -p /home/ftp_user/storage chown ftp_user /home/ftp_user/storage |
Note: Don't chown the ftp_user dir, because later we will jail the user.
4 add the user to the system
Add a user by editing /etc/passwd, useradd doesn't add a shell, so don't use it.
"/bin/false" - no ssh login possible
ftp_user:x:1000:55::/home/ftp_user:/bin/false |
then
passwd ftp_user |
to change the password of that user
5 configure vsftpd
Config, add these to /etc/vsftpd.conf, so the anon user points to the right location
anonymous_enable=YES anon_root=/home/ftp_user/ |
6 jail the user
chroot_local_user=YES |
7 start and enable
to start and make it autostart at boot:
/etc/init.d/vsftpd start /etc/init.d/vsftpd enable |
Basically OpenWRT has issues in terms of scripts and commands, but it's amazing how many things are already implemented.
short and neat, thank you!
Cannot use /mnt/sda3/storage instead of /home/ftp_user/storage
vstftpd refusing to run with writable root insife chroot()
yave any ideas?
I have the same problem, tell me how to solve it?