tested on netbsd / rhel / debian/ubuntu / slackware142
NetBSD
(built-in)
RHEL
rpm -q gcc make byacc
Debian / Ubuntu
apt install build-essential byacc
Slackware
ls -lF /var/log/packages/bison-*
grab the latest latest release
wget https://ftp.netbsd.org/pub/NetBSD/misc/tnftp/tnftpd-20200704.tar.gz wget https://ftp.netbsd.org/pub/NetBSD/misc/tnftp/tnftpd-20200704.tar.gz.asc
gpg --verify tnftpd-20200704.tar.gz.asc tar xzf tnftpd-20200704.tar.gz cd tnftpd-20200704/ ./configure --sysconfdir=/etc --localstatedir=/var --without-pam # --with-blacklist echo $MAKEFLAGS make make install
eventually get rid of the skeletons
mv -i /etc/skel/ /etc/skel.dist/ mkdir /etc/skel/
eventually create a guest account for anonymous usage
grep ^ftp: /etc/passwd grep ^ftp /etc/group #nbsd useradd -d /tftpboot -k /dev/null -s /sbin/nologin ftp #lignux useradd -M -s /bin/false ftp
gives
# netbsd ftp:*************:1000:100::0:0::/tftpboot:/sbin/nologin # debian/ubuntu ftp:x:UID-HERE:GID-HERE::/home/ftp:/bin/false # slackware ftp:x:14:50::/home/ftp:/bin/false
and eventually change ftp user’s home directory to something useful – be it a directory listing or some PXE repository
vipw ftp:x:14:50:Slackware PXE server:/tftpboot:/bin/false
NO NEED TO GIVE A SHELL for the anonymous ftp user! The guest account works even so.
NetBSD
cp /usr/share/examples/ftpd/ftpd.conf /etc/ftpd.conf.dist mv /etc/ftpusers /etc/ftpusers.dist mv /etc/ftpchroot /etc/ftpchroot.dist
GNU/Linux
cp -pi /usr/local/share/examples/tnftpd/ftpd.conf /etc/ftpd.conf.dist cp -pi /usr/local/share/examples/tnftpd/ftpusers /etc/ftpusers.dist
main setup
vi /etc/ftpd.conf # new file motd all none umask chroot 022 umask real 022 # firewall #portrange all 70000 70999 # dnat #advertize all FRONT-FACING-IP
define users – here authenticated sessions and guest
vi /etc/ftpusers # new file SOME-USER allow chroot ftp allow guest anonymous allow guest * deny
NetBSD
echo ftpd=yes ftpd_flags="-ll -V 'lorem ipsum'" >> /etc/rc.conf /etc/rc.d/ftpd start ps auxww | grep ftpd
GNU/Linux
vi /etc/rc.local echo -n starting lukemftpd... /usr/local/libexec/tnftpd -D -4 -ll -V "lorem ipsum" && echo done || echo FAIL pgrep -a ftpd ps auxfww | grep ftpd
telnet localhost 21 quit ftp -a localhost
mkdir /tftpboot/incoming/ chmod 777 /tftpboot/incoming/ chmod +t /tftpboot/incoming/
gives
# netbsd ----rw---- 1 ftp wheel 3 Apr 14 11:31 ok # slackware ----rw---- 1 ftp ftp 3 Apr 1 10:31 ok
trying to retrieve
get: Access failed: 550 ok: Permission denied.
trying to override
put: Access failed: 553 ok: Permission denied.
and you may add some check in the daily cron job
vi /etc/daily
echo content of /tftpboot/incoming/:
find /tftpboot/incoming/
echo
GNU/Linux
apt search fortune apt install fortune fortunes /usr/games/fortune -n 40 -s | head -1
Slackware
/usr/games/fortune -s | head -1
and use it as -V