Setting up Lukemftpd (Tnftpd)

tested on netbsd / rhel / debian/ubuntu / slackware142

Requirements

NetBSD

(built-in)

RHEL

rpm -q gcc make byacc

Debian / Ubuntu

apt install build-essential byacc

Slackware

ls -lF /var/log/packages/bison-*

Build & install

grab the latest latest release

wget https://ftp.netbsd.org/pub/NetBSD/misc/tnftp/tnftpd-20200704.tar.gz
wget https://ftp.netbsd.org/pub/NetBSD/misc/tnftp/tnftpd-20200704.tar.gz.asc

# A4186D9A7F332472
gpg --verify tnftpd-20200704.tar.gz.asc

tar xzf tnftpd-20200704.tar.gz
cd tnftpd-20200704/
./configure --sysconfdir=/etc --localstatedir=/var --without-pam
# --with-blacklist
echo $MAKEFLAGS
make
make install

Preparation

user accounts

eventually get rid of the skeletons

mv -i /etc/skel/ /etc/skel.dist/
mkdir /etc/skel/

guest account

eventually create some user for authenticated sessions to work

useradd -m storage
passwd storage

eventually create a guest account for anonymous usage

grep ^ftp: /etc/passwd
grep ^ftp /etc/group

#nbsd
useradd -d /tftpboot -k /dev/null -s /sbin/nologin ftp

#lignux
useradd -M -s /bin/false ftp

gives

# netbsd
ftp:*************:1000:100::0:0::/tftpboot:/sbin/nologin

# debian/ubuntu
ftp:x:UID-HERE:GID-HERE::/home/ftp:/bin/false

# slackware
ftp:x:14:50::/home/ftp:/bin/false

and eventually change ftp user’s home directory to something useful – be it a directory listing or some PXE repository

vipw

ftp:x:14:50:Slackware PXE server:/tftpboot:/bin/false

NO NEED TO GIVE A SHELL for the anonymous ftp user! The guest account works even so.

Setup

NetBSD

cp /usr/share/examples/ftpd/ftpd.conf /etc/ftpd.conf.dist
mv /etc/ftpusers /etc/ftpusers.dist
mv /etc/ftpchroot /etc/ftpchroot.dist

GNU/Linux

cp -pi /usr/local/share/examples/tnftpd/ftpd.conf /etc/ftpd.conf.dist
cp -pi /usr/local/share/examples/tnftpd/ftpusers /etc/ftpusers.dist

main setup

vi /etc/ftpd.conf # new file

motd all none
umask chroot 022
umask real 022

# firewall
#portrange all 70000 70999

# dnat
#advertize all FRONT-FACING-IP

define users

vi /etc/ftpusers # new file

storage     allow chroot
ftp     allow guest
anonymous   allow guest
*       deny

Ready to go

NetBSD

echo ftpd=yes ftpd_flags="-ll -V ''" >> /etc/rc.conf
/etc/rc.d/ftpd start

ps auxww | grep ftpd

GNU/Linux

vi /etc/rc.local

echo -n starting lukemftpd...
/usr/local/libexec/tnftpd -D -4 -ll -V "" && echo done || echo FAIL

pgrep -a ftpd
ps auxfww | grep ftpd

Acceptance

telnet localhost 21
quit

ftp -a localhost

Additional notes

anonymous upload directory (optional)

mkdir /tftpboot/incoming/
chmod 777 /tftpboot/incoming/
chmod +t /tftpboot/incoming/

gives

# netbsd
----rw----  1 ftp  wheel  3 Apr 14 11:31 ok

# slackware
----rw----  1 ftp  ftp      3 Apr  1 10:31 ok

trying to retrieve

get: Access failed: 550 ok: Permission denied.

trying to override

put: Access failed: 553 ok: Permission denied.

and you may add some check in the daily cron job

vi /etc/daily

    echo content of /tftpboot/incoming/:
    find /tftpboot/incoming/
    echo

Fortunes (optional)

GNU/Linux

apt search fortune
apt install fortune fortunes
/usr/games/fortune -n 40 -s | head -1

Slackware

/usr/games/fortune -s | head -1

and use it as -V


HOME | GUIDES | LECTURES | LAB | SMTP HEALTH | HTML5
Copyright © 2022 Pierre-Philipp Braun