VSFTPD.CONF(5)                File Formats Manual               VSFTPD.CONF(5)

NAME
       vsftpd.conf - config file for vsftpd

DESCRIPTION
       vsftpd.conf may be used to control various aspects of vsftpd's
       behaviour. By default, vsftpd looks for this file at the location
       /etc/vsftpd/vsftpd.conf. However, you may override this by specifying
       a command line argument to vsftpd. The command line argument is the
       pathname of the configuration file for vsftpd. This behaviour is
       useful because you may wish to use an advanced inetd such as xinetd
       to launch vsftpd with different configuration files on a per virtual
       host basis.

       Systemd changes the vsftpd daemon start-up. The vsftpd package
       contains a vsftpd-generator script which generates symbolic links in
       the /var/run/systemd/generator/vsftpd.target.wants directory. The
       generator is called during e.g. 'systemctl --system daemon-reload'.
       All of these symbolic links point to the
       /usr/lib/systemd/system/vsftpd@.service file. The vsftpd daemon(s)
       can be controlled in one of the following ways:

       1. Single daemon using the default /etc/vsftpd/vsftpd.conf
       configuration file
       # systemctl {start,stop,...} vsftpd[.service]

       2. Single daemon using /etc/vsftpd/<config-filename>.conf
       # systemctl {start,stop,...} vsftpd@<config-filename-without-extension>[.service]

       3. All instances together
       # systemctl {restart,stop} vsftpd.target

       See systemd.unit(5), systemd.target(5) for further details.

FORMAT
       The format of vsftpd.conf is very simple. Each line is either a
       comment or a directive. Comment lines start with a # and are ignored.
       A directive line has the format:

       option=value

       It is important to note that it is an error to put any space between
       the option, = and value.

       Each setting has a compiled-in default which may be modified in the
       configuration file.
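
       The format rules above, implemented as a small validator that fails
       closed on the mistakes the text calls errors. This is an added
       example, not vsftpd's own parseconf code; the BOOLEAN_OPTIONS list and
       the sample configurations are constructed for it, and the assumption
       that a later line overrides an earlier one is the example's own, not
       something this page states.

```python
import re

# Subset of the boolean options documented on this page (constructed list
# for the example; vsftpd knows many more).
BOOLEAN_OPTIONS = {
    "anonymous_enable", "local_enable", "write_enable", "chroot_local_user",
    "allow_writeable_chroot", "ssl_enable", "listen", "listen_ipv6",
    "anon_upload_enable", "pasv_promiscuous", "port_promiscuous",
}

OPTION_NAME_RE = re.compile(r"[a-z0-9_]+")


class ConfigError(ValueError):
    """Raised for any line the vsftpd.conf format does not allow."""


def parse_vsftpd_conf(text):
    """Parse vsftpd.conf text into {option: value}.

    Rules taken from the FORMAT section: a line is a comment (first
    character '#') or a directive option=value, and any space between the
    option, '=' and value is an error. Boolean options must be YES or NO.
    A bad line raises ConfigError with its line number instead of being
    skipped, so a mistyped security setting cannot silently fall back to
    the compiled-in default.
    """
    settings = {}
    for lineno, line in enumerate(text.splitlines(), start=1):
        if line == "" or line.startswith("#"):
            continue
        if "=" not in line:
            raise ConfigError(f"line {lineno}: expected option=value, got {line!r}")
        option, value = line.split("=", 1)
        # Leading space on the line, space before '=' or space after '=':
        # all three are the "space between option, = and value" error.
        if option != option.strip() or value != value.lstrip():
            raise ConfigError(f"line {lineno}: whitespace around '=' is not allowed")
        if not OPTION_NAME_RE.fullmatch(option):
            raise ConfigError(f"line {lineno}: bad option name {option!r}")
        if option in BOOLEAN_OPTIONS and value not in ("YES", "NO"):
            raise ConfigError(f"line {lineno}: {option} takes YES or NO, got {value!r}")
        # Assumption for this example: a later line overrides an earlier one.
        settings[option] = value
    return settings


def first_error(text):
    """Return the ConfigError message for text, or None if it parses."""
    try:
        parse_vsftpd_conf(text)
    except ConfigError as exc:
        return str(exc)
    return None


# Constructed sample configurations (not from the vsftpd distribution).
GOOD_CONF = """\
# minimal standalone server, local users only
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=NO
"""

BAD_CONF = """\
listen=YES
anonymous_enable = NO
"""

if __name__ == "__main__":
    print(parse_vsftpd_conf(GOOD_CONF))
    print(first_error(BAD_CONF))
```

       Run it against a candidate file before restarting the daemon; the
       second sample is rejected at line 2 because of the spaces around the
       '=', which is exactly the line vsftpd itself would refuse.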

BOOLEAN OPTIONS
       Below is a list of boolean options. The value for a boolean option
       may be set to YES or NO.

       allow_anon_ssl
              Only applies if ssl_enable is active. If set to YES, anonymous
              users will be allowed to use secured SSL connections.

              Default: NO

       allow_writeable_chroot
              Allow chroot()'ing a user to a directory writable by that
              user. Note that setting this to YES is potentially dangerous.
              For example, if the user creates an 'etc' directory in the new
              root directory, they could potentially trick the C library
              into loading a user-created configuration file from the /etc/
              directory.

              Default: NO

       better_stou
              Use a better file name generation algorithm for the STOU
              command. The default original algorithm simply adds an
              increasing number suffix to the file name, which is prone to
              race conditions if multiple uploaders use the STOU command
              with the same file name simultaneously, which can result in
              failure of the command. The new algorithm adds a unique random
              six character suffix to the file name, which works much better
              in the face of concurrent uploads.

              Default: NO

       anon_mkdir_write_enable
              If set to YES, anonymous users will be permitted to create new
              directories under certain conditions. For this to work, the
              option write_enable must be activated, and the anonymous ftp
              user must have write permission on the parent directory.

              Default: NO

       anon_other_write_enable
              If set to YES, anonymous users will be permitted to perform
              write operations other than upload and create directory, such
              as deletion and renaming. This is generally not recommended
              but included for completeness.

              Default: NO

       anon_upload_enable
              If set to YES, anonymous users will be permitted to upload
              files under certain conditions. For this to work, the option
              write_enable must be activated, and the anonymous ftp user
              must have write permission on desired upload locations. This
              setting is also required for virtual users to upload; by
              default, virtual users are treated with anonymous (i.e.
              maximally restricted) privilege.

              Default: NO

       anon_world_readable_only
              When enabled, anonymous users will only be allowed to download
              files which are world readable. This is recognising that the
              ftp user may own files, especially in the presence of uploads.

              Default: YES

       anonymous_enable
              Controls whether anonymous logins are permitted or not. If
              enabled, both the usernames ftp and anonymous are recognised
              as anonymous logins.

              Default: YES

       ascii_download_enable
              When enabled, ASCII mode data transfers will be honoured on
              downloads. When disabled, the server will pretend to allow
              ASCII mode but in fact ignore requests to activate it. So the
              client will think the ASCII mode is active and therefore may
              still translate any <CRLF> character sequences in the received
              file. See the following article for a detailed explanation of
              the behaviour: https://access.redhat.com/articles/3250241.

              Turn this option on to have the server actually do ASCII
              mangling on files when in ASCII mode.

              Default: NO

       ascii_upload_enable
              When enabled, ASCII mode data transfers will be honoured on
              uploads. When disabled, the server will pretend to allow ASCII
              mode but in fact ignore requests to activate it. So the client
              will think the ASCII mode is active and will translate native
              line terminators to the standard <CRLF> line terminators for
              transmission, but the server will not do any translation. See
              the following article for a detailed explanation of the
              behaviour: https://access.redhat.com/articles/3250241.

              Turn this option on to have the server actually do ASCII
              mangling on files when in ASCII mode.

              Default: NO

       async_abor_enable
              When enabled, a special FTP command known as "async ABOR" will
              be enabled. Only ill advised FTP clients will use this feature.
              Additionally, this feature is awkward to handle, so it is
              disabled by default. Unfortunately, some FTP clients will hang
              when cancelling a transfer unless this feature is available,
              so you may wish to enable it.

              Default: NO

       background
              When enabled, and vsftpd is started in "listen" mode, vsftpd
              will background the listener process, i.e. control will
              immediately be returned to the shell which launched vsftpd.

              Default: YES

       check_shell
              Note! This option only has an effect for non-PAM builds of
              vsftpd. If disabled, vsftpd will not check /etc/shells for a
              valid user shell for local logins.

              Default: YES

       chmod_enable
              When enabled, allows use of the SITE CHMOD command. NOTE! This
              only applies to local users. Anonymous users never get to use
              SITE CHMOD.

              Default: YES

       chown_uploads
              If enabled, all anonymously uploaded files will have the
              ownership changed to the user specified in the setting
              chown_username. This is useful from an administrative, and
              perhaps security, standpoint.

              Default: NO

       chroot_list_enable
              If activated, you may provide a list of local users who are
              placed in a chroot() jail in their home directory upon login.
              The meaning is slightly different if chroot_local_user is set
              to YES. In this case, the list becomes a list of users which
              are NOT to be placed in a chroot() jail. By default, the file
              containing this list is /etc/vsftpd/chroot_list, but you may
              override this with the chroot_list_file setting.

              Default: NO

       chroot_local_user
              If set to YES, local users will be (by default) placed in a
              chroot() jail in their home directory after login. Warning:
              This option has security implications, especially if the
              users have upload permission, or shell access. Only enable if
              you know what you are doing. Note that these security
              implications are not vsftpd specific. They apply to all FTP
              daemons which offer to put local users in chroot() jails.

              Default: NO

       connect_from_port_20
              This controls whether PORT style data connections use port 20
              (ftp-data) on the server machine. For security reasons, some
              clients may insist that this is the case. Conversely,
              disabling this option enables vsftpd to run with slightly less
              privilege.

              Default: NO (but the sample config file enables it)

       debug_ssl
              If true, OpenSSL connection diagnostics are dumped to the
              vsftpd log file. (Added in v2.0.6).

              Default: NO

       delete_failed_uploads
              If true, any failed upload files are deleted. (Added in
              v2.0.7).

              Default: NO

       deny_email_enable
              If activated, you may provide a list of anonymous password
              e-mail responses which cause login to be denied. By default,
              the file containing this list is /etc/vsftpd/banned_emails,
              but you may override this with the banned_email_file setting.

              Default: NO

       dirlist_enable
              If set to NO, all directory list commands will give permission
              denied.

              Default: YES

       dirmessage_enable
              If enabled, users of the FTP server can be shown messages when
              they first enter a new directory. By default, a directory is
              scanned for the file .message, but that may be overridden with
              the configuration setting message_file.

              Default: NO (but the sample config file enables it)

       download_enable
              If set to NO, all download requests will give permission
              denied.

              Default: YES

       dual_log_enable
              If enabled, two log files are generated in parallel, going by
              default to /var/log/xferlog and /var/log/vsftpd.log. The
              former is a wu-ftpd style transfer log, parseable by standard
              tools. The latter is vsftpd's own style log.

              Default: NO

       force_dot_files
              If activated, files and directories starting with . will be
              shown in directory listings even if the "a" flag was not used
              by the client. This override excludes the "." and ".."
              entries.

              Default: NO

       force_anon_data_ssl
              Only applies if ssl_enable is activated. If activated, all
              anonymous logins are forced to use a secure SSL connection in
              order to send and receive data on data connections.

              Default: NO

       force_anon_logins_ssl
              Only applies if ssl_enable is activated. If activated, all
              anonymous logins are forced to use a secure SSL connection in
              order to send the password.

              Default: NO

       force_local_data_ssl
              Only applies if ssl_enable is activated. If activated, all
              non-anonymous logins are forced to use a secure SSL connection
              in order to send and receive data on data connections.

              Default: YES

       force_local_logins_ssl
              Only applies if ssl_enable is activated. If activated, all
              non-anonymous logins are forced to use a secure SSL connection
              in order to send the password.

              Default: YES

       guest_enable
              If enabled, all non-anonymous logins are classed as "guest"
              logins. A guest login is remapped to the user specified in the
              guest_username setting.

              Default: NO

       hide_ids
              If enabled, all user and group information in directory
              listings will be displayed as "ftp".

              Default: NO

       implicit_ssl
              If enabled, an SSL handshake is the first thing expected on
              all connections (the FTPS protocol). To support explicit SSL
              and/or plain text too, a separate vsftpd listener process
              should be run.

              Default: NO

       listen
              If enabled, vsftpd will run in standalone mode. This means
              that vsftpd must not be run from an inetd of some kind.
              Instead, the vsftpd executable is run once directly. vsftpd
              itself will then take care of listening for and handling
              incoming connections.

              Default: NO

       listen_ipv6
              Like the listen parameter, except vsftpd will listen on an
              IPv6 socket instead of an IPv4 one. Note that a socket
              listening on the IPv6 "any" address (::) will accept both IPv6
              and IPv4 connections by default. This parameter and the listen
              parameter are mutually exclusive.

              Default: NO

       local_enable
              Controls whether local logins are permitted or not. If
              enabled, normal user accounts in /etc/passwd (or wherever your
              PAM config references) may be used to log in. This must be
              enabled for any non-anonymous login to work, including virtual
              users.

              Default: NO

       lock_upload_files
              When enabled, all uploads proceed with a write lock on the
              upload file. All downloads proceed with a shared read lock on
              the download file. WARNING! Before enabling this, be aware
              that malicious readers could starve a writer wanting to e.g.
              append a file.

              Default: YES

       log_die
              Log an error to syslog when some error condition occurs and
              vsftpd decides to quit. Internally, the error messages given
              to the functions die(), die2() and bug() are passed to syslog.
              Currently this functionality requires waiting for a short
              amount of time (1 second is used) after logging the message
              and before exiting. This is a workaround for the following
              systemd bug: https://github.com/systemd/systemd/issues/2913

              Default: NO

       log_ftp_protocol
              When enabled, all FTP requests and responses are logged,
              providing the option xferlog_std_format is not enabled. Useful
              for debugging.

              Default: NO

       ls_recurse_enable
              When enabled, this setting will allow the use of "ls -R". This
              is a minor security risk, because a ls -R at the top level of
              a large site may consume a lot of resources.

              Default: NO

       mdtm_write
              When enabled, this setting will allow MDTM to set file
              modification times (subject to the usual access checks).

              Default: YES

       no_anon_password
              When enabled, this prevents vsftpd from asking for an
              anonymous password - the anonymous user will log straight in.

              Default: NO

       no_log_lock
              When enabled, this prevents vsftpd from taking a file lock
              when writing to log files. This option should generally not be
              enabled. It exists to work around operating system bugs such
              as the Solaris / Veritas filesystem combination which has been
              observed to sometimes exhibit hangs trying to lock log files.

              Default: NO

       one_process_model
              If you have a Linux 2.4 kernel, it is possible to use a
              different security model which only uses one process per
              connection. It is a less pure security model, but gains you
              performance. You really don't want to enable this unless you
              know what you are doing, and your site supports huge numbers
              of simultaneously connected users.

              Default: NO

       passwd_chroot_enable
              If enabled, along with chroot_local_user, then a chroot() jail
              location may be specified on a per-user basis. Each user's
              jail is derived from their home directory string in
              /etc/passwd. The occurrence of /./ in the home directory
              string denotes that the jail is at that particular location
              in the path.

              Default: NO

       pasv_addr_resolve
              Set to YES if you want to use a hostname (as opposed to IP
              address) in the pasv_address option.

              Default: NO

       pasv_enable
              Set to NO if you want to disallow the PASV method of obtaining
              a data connection.

              Default: YES

       pasv_promiscuous
              Set to YES if you want to disable the PASV security check that
              ensures the data connection originates from the same IP
              address as the control connection. Only enable if you know
              what you are doing! The only legitimate use for this is in
              some form of secure tunnelling scheme, or perhaps to
              facilitate FXP support.

              Default: NO

       port_enable
              Set to NO if you want to disallow the PORT method of obtaining
              a data connection.

              Default: YES

       port_promiscuous
              Set to YES if you want to disable the PORT security check that
              ensures that outgoing data connections can only connect to the
              client. Only enable if you know what you are doing!

              Default: NO

       require_cert
              If set to yes, all SSL client connections are required to
              present a client certificate. The degree of validation applied
              to this certificate is controlled by validate_cert (Added in
              v2.0.6).

              Default: NO

       require_ssl_reuse
              If set to yes, all SSL data connections are required to
              exhibit SSL session reuse (which proves that they know the
              same master secret as the control channel). Although this is a
              secure default, it may break many FTP clients, so you may want
              to disable it. For a discussion of the consequences, see
              http://scarybeastsecurity.blogspot.com/2009/02/vsftpd-210-released.html
              (Added in v2.1.0).

              Default: YES

       reverse_lookup_enable
              Set to YES if you want vsftpd to transform the IP address into
              the hostname before PAM authentication. This is useful if you
              use pam_access with hostnames. If vsftpd runs in an
              environment where the reverse lookup for some hostname may be
              slow because the name server does not respond for a while,
              set this to NO to avoid a performance issue.

              Default: YES

       run_as_launching_user
              Set to YES if you want vsftpd to run as the user which
              launched vsftpd. This is useful where root access is not
              available. MASSIVE WARNING! Do NOT enable this option unless
              you totally know what you are doing, as naive use of this
              option can create massive security problems. Specifically,
              vsftpd does not / cannot use chroot technology to restrict
              file access when this option is set (even if launched by
              root). A poor substitute could be to use a deny_file setting
              such as {/*,*..*}, but the reliability of this cannot compare
              to chroot, and should not be relied on. If using this option,
              many restrictions on other options apply. For example, options
              requiring privilege such as non-anonymous logins, upload
              ownership changing, connecting from port 20 and listen ports
              less than 1024 are not expected to work. Other options may be
              impacted.

              Default: NO

       secure_email_list_enable
              Set to YES if you want only a specified list of e-mail
              passwords for anonymous logins to be accepted. This is useful
              as a low-hassle way of restricting access to low-security
              content without needing virtual users. When enabled,
              anonymous logins are prevented unless the password provided
              is listed in the file specified by the email_password_file
              setting. The file format is one password per line, no extra
              whitespace. The default filename is
              /etc/vsftpd/email_passwords.

              Default: NO

       session_support
              This controls whether vsftpd attempts to maintain sessions
              for logins. If vsftpd is maintaining sessions, it will try and
              update utmp and wtmp. It will also open a pam_session if using
              PAM to authenticate, and only close this upon logout. You may
              wish to disable this if you do not need session logging, and
              you wish to give vsftpd more opportunity to run with fewer
              processes and / or less privilege. NOTE - utmp and wtmp
              support is only provided with PAM enabled builds.

              Default: NO

       setproctitle_enable
              If enabled, vsftpd will try and show session status
              information in the system process listing. In other words,
              the reported name of the process will change to reflect what
              a vsftpd session is doing (idle, downloading etc). You
              probably want to leave this off for security purposes.

              Default: NO

       ssl_enable
              If enabled, and vsftpd was compiled against OpenSSL, vsftpd
              will support secure connections via SSL. This applies to the
              control connection (including login) and also data
              connections. You'll need a client with SSL support too.
              NOTE!! Beware enabling this option. Only enable it if you need
              it. vsftpd can make no guarantees about the security of the
              OpenSSL libraries. By enabling this option, you are declaring
              that you trust the security of your installed OpenSSL library.

              Default: NO

       ssl_request_cert
              If enabled, vsftpd will request (but not necessarily require;
              see require_cert) a certificate on incoming SSL connections.
              Normally this should not cause any trouble at all, but IBM
              zOS seems to have issues. (New in v2.0.7).

              Default: YES

       ssl_sslv2
              Only applies if ssl_enable is activated. If enabled, this
              option will permit SSL v2 protocol connections. TLS v1.2
              connections are preferred.

              Default: NO

       ssl_sslv3
              Only applies if ssl_enable is activated. If enabled, this
              option will permit SSL v3 protocol connections. TLS v1.2
              connections are preferred.

              Default: NO

       ssl_tlsv1
              Only applies if ssl_enable is activated. If enabled, this
              option will permit TLS v1 protocol connections. TLS v1.2
              connections are preferred.

              Default: NO

       ssl_tlsv1_1
              Only applies if ssl_enable is activated. If enabled, this
              option will permit TLS v1.1 protocol connections. TLS v1.2
              connections are preferred.

              Default: NO

       ssl_tlsv1_2
              Only applies if ssl_enable is activated. If enabled, this
              option will permit TLS v1.2 protocol connections. TLS v1.2
              connections are preferred.

              Default: YES

       strict_ssl_read_eof
              If enabled, SSL data uploads are required to terminate via
              SSL, not an EOF on the socket. This option is required to be
              sure that an attacker did not terminate an upload prematurely
              with a faked TCP FIN. (New in v2.0.7).

              Default: YES

       strict_ssl_write_shutdown
              If enabled, SSL data downloads are required to terminate via
              SSL, not an EOF on the socket. This is off by default as I was
              unable to find a single FTP client that does this. It is
              minor. All it affects is our ability to tell whether the
              client confirmed full receipt of the file. Even without this
              option, the client is able to check the integrity of the
              download. (New in v2.0.7).

              Default: NO

       syslog_enable
              If enabled, then any log output which would have gone to
              /var/log/vsftpd.log goes to the system log instead. Logging is
              done under the FTPD facility.

              Default: NO

       tcp_wrappers
              If enabled, and vsftpd was compiled with tcp_wrappers support,
              incoming connections will be fed through tcp_wrappers access
              control. Furthermore, there is a mechanism for per-IP based
              configuration. If tcp_wrappers sets the VSFTPD_LOAD_CONF
              environment variable, then the vsftpd session will try and
              load the vsftpd configuration file specified in this variable.

              Default: NO

       text_userdb_names
              By default, numeric IDs are shown in the user and group fields
              of directory listings. You can get textual names by enabling
              this parameter. It is off by default for performance reasons.
              Note that textual names are not guaranteed when
              chroot_local_user is set to YES.

              Default: NO

       tilde_user_enable
              If enabled, vsftpd will try and resolve pathnames such as
              ~chris/pics, i.e. a tilde followed by a username. Note that
              vsftpd will always resolve the pathnames ~ and ~/something (in
              this case the ~ resolves to the initial login directory). Note
              that ~user paths will only resolve if the file /etc/passwd may
              be found within the _current_ chroot() jail.

              Default: NO

       use_localtime
              If enabled, vsftpd will display directory listings with the
              time in your local time zone. The default is to display GMT.
              The times returned by the MDTM FTP command are also affected
              by this option.

              Default: NO

       use_sendfile
              An internal setting used for testing the relative benefit of
              using the sendfile() system call on your platform.

              Default: YES

       userlist_deny
              This option is examined if userlist_enable is activated. If
              you set this setting to NO, then users will be denied login
              unless they are explicitly listed in the file specified by
              userlist_file. When login is denied, the denial is issued
              before the user is asked for a password.

              Default: YES

       userlist_enable
              If enabled, vsftpd will load a list of usernames, from the
              filename given by userlist_file. If a user tries to log in
              using a name in this file, they will be denied before they are
              asked for a password. This may be useful in preventing
              cleartext passwords being transmitted. See also userlist_deny.

              Default: NO

       validate_cert
              If set to yes, all SSL client certificates received must
              validate OK. Self-signed certs do not constitute OK
              validation. (New in v2.0.6).

              Default: NO

       userlist_log
              This option is examined if userlist_enable is activated. If
              enabled, every login denial based on the user list will be
              logged.

              Default: NO

       virtual_use_local_privs
              If enabled, virtual users will use the same privileges as
              local users. By default, virtual users will use the same
              privileges as anonymous users, which tends to be more
              restrictive (especially in terms of write access).

              Default: NO

       write_enable
              This controls whether any FTP commands which change the
              filesystem are allowed or not. These commands are: STOR, DELE,
              RNFR, RNTO, MKD, RMD, APPE and SITE.

              Default: NO

       xferlog_enable
              If enabled, a log file will be maintained detailing uploads
              and downloads. By default, this file will be placed at
              /var/log/vsftpd.log, but this location may be overridden using
              the configuration setting vsftpd_log_file.

              Default: NO (but the sample config file enables it)

       xferlog_std_format
              If enabled, the transfer log file will be written in standard
              xferlog format, as used by wu-ftpd. This is useful because you
              can reuse existing transfer statistics generators. The default
              format is more readable, however. The default location for
              this style of log file is /var/log/xferlog, but you may change
              it with the setting xferlog_file.

              Default: NO

       isolate_network
              If enabled, use CLONE_NEWNET to isolate the untrusted
              processes so that they can't do arbitrary connect() and
              instead have to ask the privileged process for sockets
              (port_promiscuous has to be disabled).

              Default: YES
733
734       isolate
735              If  enabled,  use  CLONE_NEWPID and CLONE_NEWIPC to isolate pro‐
736              cesses to their ipc and pid namespaces. So  separated  processes
737              can not interact with each other.
738
739              Default: YES
740
741

NUMERIC OPTIONS

       Below is a list of numeric options. A numeric option must be set
       to a non-negative integer. Octal numbers are supported, for
       convenience of the umask options. To specify an octal number, use
       0 as the first digit of the number.


       accept_timeout
              The timeout, in seconds, for a remote client to establish
              connection with a PASV style data connection.

              Default: 60

       anon_max_rate
              The maximum data transfer rate permitted, in bytes per
              second, for anonymous clients.

              Default: 0 (unlimited)

       anon_umask
              The value that the umask for file creation is set to for
              anonymous users. NOTE! If you want to specify octal values,
              remember the "0" prefix otherwise the value will be treated
              as a base 10 integer!

              Default: 077

       bind_retries
              Maximum number of attempts to find a free listening port in
              passive mode.

              Default: 9

       chown_upload_mode
              The file mode to force for chown()ed anonymous uploads.
              (Added in v2.0.6).

              Default: 0600

       connect_timeout
              The timeout, in seconds, for a remote client to respond to
              our PORT style data connection.

              Default: 60

       data_connection_timeout
              The timeout, in seconds, which is roughly the maximum time
              we permit data transfers to stall for with no progress. If
              the timeout triggers, the remote client is kicked off.

              Default: 300

       delay_failed_login
              The number of seconds to pause prior to reporting a failed
              login.

              Default: 1

       delay_successful_login
              The number of seconds to pause prior to allowing a
              successful login.

              Default: 0

       file_open_mode
              The permissions with which uploaded files are created.
              Umasks are applied on top of this value. You may wish to
              change to 0777 if you want uploaded files to be executable.

              Default: 0666

       ftp_data_port
              The port from which PORT style connections originate (as
              long as the poorly named connect_from_port_20 is enabled).

              Default: 20

       idle_session_timeout
              The timeout, in seconds, which is the maximum time a remote
              client may spend between FTP commands. If the timeout
              triggers, the remote client is kicked off.

              Default: 300

       listen_port
              If vsftpd is in standalone mode, this is the port it will
              listen on for incoming FTP connections.

              Default: 21

       local_max_rate
              The maximum data transfer rate permitted, in bytes per
              second, for local authenticated users.

              Default: 0 (unlimited)

       local_umask
              The value that the umask for file creation is set to for
              local users. NOTE! If you want to specify octal values,
              remember the "0" prefix otherwise the value will be treated
              as a base 10 integer!

              Default: 077

       max_clients
              If vsftpd is in standalone mode, this is the maximum number
              of clients which may be connected. Any additional clients
              connecting will get an error message. The value 0 switches
              off the limit.

              Default: 2000

       max_login_fails
              After this many login failures, the session is killed.

              Default: 3

       max_per_ip
              If vsftpd is in standalone mode, this is the maximum number
              of clients which may be connected from the same source
              internet address. A client will get an error message if they
              go over this limit. The value 0 switches off the limit.

              Default: 50

       pasv_max_port
              The maximum port to allocate for PASV style data
              connections. Can be used to specify a narrow port range to
              assist firewalling.

              Default: 0 (use any port)

       pasv_min_port
              The minimum port to allocate for PASV style data
              connections. Can be used to specify a narrow port range to
              assist firewalling.

              Default: 0 (use any port)

       trans_chunk_size
              You probably don't want to change this, but try setting it
              to something like 8192 for a much smoother bandwidth
              limiter.

              Default: 0 (let vsftpd pick a sensible setting)


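The numeric-option rules above (non-negative integer, octal only with a leading 0, umasks applied on top of file_open_mode, a pasv port range) are easy to get subtly wrong in a config file. The following is an added example, not vsftpd's own code: it applies the page's parsing rule, shows what anon_umask/local_umask do to file_open_mode, flags the missing-"0" mistake the NOTE warns about, and checks a pasv_min_port/pasv_max_port pair. The helper names are this example's assumptions.

```python
"""Numeric-option handling as the NUMERIC OPTIONS section describes it.

Added example, not vsftpd's own code. The parsing rule and the umask /
file_open_mode interaction follow the man page text; helper names are
assumed.
"""
import stat
from typing import Optional


def parse_numeric(value: str) -> int:
    """Value of a numeric option: digits only, octal with a leading 0,
    base 10 otherwise."""
    if not value.isdigit():
        raise ValueError(f"numeric option must be a non-negative integer: {value!r}")
    return int(value, 8 if value.startswith("0") else 10)


def upload_mode(file_open_mode: str, umask: str) -> int:
    """Permission bits of an uploaded file: file_open_mode with the bits
    of the applicable umask (anon_umask or local_umask) cleared."""
    return parse_numeric(file_open_mode) & ~parse_numeric(umask) & 0o777


def umask_warning(option: str, value: str) -> Optional[str]:
    """The mistake the NOTE warns about: a umask written without the
    leading 0 is read as base 10, which is almost never what was meant."""
    if option in ("anon_umask", "local_umask") and value.isdigit() \
            and not value.startswith("0"):
        return (f"{option}={value} is base 10 ({int(value)} = octal "
                f"{int(value):o}); write 0{value} for octal")
    return None


def pasv_range_problem(pasv_min_port: str, pasv_max_port: str) -> Optional[str]:
    """A 0 bound means 'use any port' (the page's default), so only a
    fully specified range is checked: min must not exceed max."""
    lo, hi = parse_numeric(pasv_min_port), parse_numeric(pasv_max_port)
    if lo == 0 or hi == 0:
        return None
    if lo > hi:
        return f"pasv_min_port={lo} is above pasv_max_port={hi}"
    return None


if __name__ == "__main__":
    # Constructed sample values: the third one is the base-10 pitfall.
    for umask in ("077", "022", "22"):
        mode = upload_mode("0666", umask)
        print(f"file_open_mode=0666 local_umask={umask} -> "
              f"{stat.filemode(stat.S_IFREG | mode)} ({mode:04o})")
    print(umask_warning("local_umask", "22"))
    print(pasv_range_problem("50000", "40000"))
```

With file_open_mode=0666, local_umask=022 yields 0644 as expected, but local_umask=22 is decimal 22 (octal 026) and yields 0640, which is the kind of silent permission drift the NOTE is warning about.
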
STRING OPTIONS

       Below is a list of string options.


       anon_root
              This option represents a directory which vsftpd will try to
              change into after an anonymous login. Failure is silently
              ignored.

              Default: (none)

       banned_email_file
              This option is the name of a file containing a list of
              anonymous e-mail passwords which are not permitted. This
              file is consulted if the option deny_email_enable is
              enabled.

              Default: /etc/vsftpd/banned_emails

       banner_file
              This option is the name of a file containing text to display
              when someone connects to the server. If set, it overrides
              the banner string provided by the ftpd_banner option.

              Default: (none)

       ca_certs_file
              This option is the name of a file to load Certificate
              Authority certs from, for the purpose of validating client
              certs. The loaded certs are also advertised to the client,
              to cater for TLSv1.0 clients such as the z/OS FTP client.
              Regrettably, the default SSL CA cert paths are not used,
              because of vsftpd's use of restricted filesystem spaces
              (chroot). (Added in v2.0.6).

              Default: (none)

       chown_username
              This is the name of the user who is given ownership of
              anonymously uploaded files. This option is only relevant if
              another option, chown_uploads, is set.

              Default: root

       chroot_list_file
              The option is the name of a file containing a list of local
              users which will be placed in a chroot() jail in their home
              directory. This option is only relevant if the option
              chroot_list_enable is enabled. If the option
              chroot_local_user is enabled, then the list file becomes a
              list of users to NOT place in a chroot() jail.

              Default: /etc/vsftpd.chroot_list

       cmds_allowed
              This option specifies a comma separated list of allowed FTP
              commands (post login. USER, PASS and QUIT and others are
              always allowed pre-login). Other commands are rejected. This
              is a powerful method of really locking down an FTP server.
              Example: cmds_allowed=PASV,RETR,QUIT

              Default: (none)

       cmds_denied
              This option specifies a comma separated list of denied FTP
              commands (post login. USER, PASS, QUIT and others are always
              allowed pre-login). If a command appears on both this and
              cmds_allowed then the denial takes precedence. (Added in
              v2.1.0).

              Default: (none)

       deny_file
              This option can be used to set a pattern for filenames (and
              directory names etc.) which should not be accessible in any
              way. The affected items are not hidden, but any attempt to
              do anything to them (download, change into directory, affect
              something within directory etc.) will be denied. This option
              is very simple, and should not be used for serious access
              control - the filesystem's permissions should be used in
              preference. However, this option may be useful in certain
              virtual user setups. In particular, be aware that if a
              filename is accessible by a variety of names (perhaps due to
              symbolic links or hard links), then care must be taken to
              deny access to all the names. Access will be denied to items
              if their name contains the string given by hide_file, or if
              they match the regular expression specified by hide_file.
              Note that vsftpd's regular expression matching code is a
              simple implementation which is a subset of full regular
              expression functionality. Because of this, you will need to
              carefully and exhaustively test any application of this
              option. And you are recommended to use filesystem
              permissions for any important security policies due to
              their greater reliability. Supported regex syntax is any
              number of *, ? and unnested {,} operators. Regex matching is
              only supported on the last component of a path, e.g. a/b/?
              is supported but a/?/c is not. Example:
              deny_file={*.mp3,*.mov,.private}

              Default: (none)

       dsa_cert_file
              This option specifies the location of the DSA certificate to
              use for SSL encrypted connections.

              Default: (none - an RSA certificate suffices)

       dsa_private_key_file
              This option specifies the location of the DSA private key to
              use for SSL encrypted connections. If this option is not
              set, the private key is expected to be in the same file as
              the certificate.

              Default: (none)

       dh_param_file
              This option specifies the location of the custom parameters
              used for ephemeral Diffie-Hellman key exchange in SSL.

              Default: (none - use built in parameters appropriate for
              certificate key size)

       ecdh_param_file
              This option specifies the location of custom parameters for
              ephemeral Elliptic Curve Diffie-Hellman (ECDH) key exchange.

              Default: (none - use built in parameters, NIST P-256 with
              OpenSSL 1.0.1 and automatically selected curve based on
              client preferences with OpenSSL 1.0.2 and later)

       email_password_file
              This option can be used to provide an alternate file for
              usage by the secure_email_list_enable setting.

              Default: /etc/vsftpd/email_passwords

       ftp_username
              This is the name of the user we use for handling anonymous
              FTP. The home directory of this user is the root of the
              anonymous FTP area.

              Default: ftp

       ftpd_banner
              This string option allows you to override the greeting
              banner displayed by vsftpd when a connection first comes in.

              Default: (none - default vsftpd banner is displayed)

       guest_username
              See the boolean setting guest_enable for a description of
              what constitutes a guest login. This setting is the real
              username which guest users are mapped to.

              Default: ftp

       hide_file
              This option can be used to set a pattern for filenames (and
              directory names etc.) which should be hidden from directory
              listings. Despite being hidden, the files / directories etc.
              are fully accessible to clients who know what names to
              actually use. Items will be hidden if their names contain
              the string given by hide_file, or if they match the regular
              expression specified by hide_file. Note that vsftpd's
              regular expression matching code is a simple implementation
              which is a subset of full regular expression functionality.
              See deny_file for details of exactly what regex syntax is
              supported. Example: hide_file={*.mp3,.hidden,hide*,h?}

              Default: (none)

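Because deny_file and hide_file share one restricted pattern syntax, and the page asks you to test any use of it exhaustively, it helps to have a reference matcher to try patterns against. The following is an added example, not vsftpd's own matching code: it implements the syntax as this manual describes it (any number of * and ?, unnested {a,b,...} alternation, wildcards only in the last path component) together with the "name contains the string" rule, using the page's own deny_file and hide_file examples as input. The function names, and the handling of a literal directory prefix in the pattern, are this example's assumptions.

```python
"""Matcher for the pattern syntax the deny_file and hide_file options accept.

Added example, not vsftpd's own code; it follows the syntax description in
this manual page. Helper names are assumed.
"""
import re


def _alternatives(pattern: str) -> list:
    """Split an unnested {a,b,c} pattern into its alternatives; a pattern
    without braces is a single alternative. Braces are accepted only
    around the whole pattern (this example's reading of 'unnested')."""
    if pattern.startswith("{") and pattern.endswith("}"):
        body = pattern[1:-1]
        if "{" in body or "}" in body:
            raise ValueError("nested {,} is not supported")
        return body.split(",")
    if "{" in pattern or "}" in pattern:
        raise ValueError("{,} must enclose the whole pattern")
    return [pattern]


def _wildcard_regex(alt: str) -> str:
    """Translate one alternative: * and ? are wildcards, everything else
    is literal (no character classes, unlike fnmatch)."""
    return "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                   for c in alt)


def _split(pattern_or_path: str):
    """Split 'a/b/c' into ('a/b', 'c'); a bare name has no directory part."""
    head, sep, tail = pattern_or_path.rpartition("/")
    return (head if sep else None), tail


def pattern_is_supported(pattern: str) -> bool:
    """True if wildcards and braces appear only in the last component
    (a/b/? is supported, a/?/c is not)."""
    head, _ = _split(pattern)
    return head is None or not any(c in head for c in "*?{}")


def name_matches(pattern: str, name: str) -> bool:
    """Match a single filename component: hit if the name contains the
    option value as a literal substring, or if one alternative matches
    the whole name."""
    if pattern in name:
        return True
    return any(re.fullmatch(_wildcard_regex(a), name) is not None
               for a in _alternatives(pattern))


def path_matches(pattern: str, path: str) -> bool:
    """Apply the option value to a path: only the last component is
    wildcard-matched; a directory prefix in the pattern must equal the
    path's directory literally (assumption of this example)."""
    if not pattern_is_supported(pattern):
        raise ValueError(f"wildcards only allowed in the last component: {pattern!r}")
    pat_dir, pat_name = _split(pattern)
    path_dir, path_name = _split(path)
    if pat_dir is not None and pat_dir != path_dir:
        return False
    return name_matches(pat_name, path_name)


if __name__ == "__main__":
    deny = "{*.mp3,*.mov,.private}"     # the deny_file example from the page
    hide = "{*.mp3,.hidden,hide*,h?}"   # the hide_file example from the page
    for p in ("song.mp3", "/pub/clips/trailer.mov", ".private", "readme.txt"):
        print(f"deny_file={deny} {p}: {'denied' if path_matches(deny, p) else 'allowed'}")
    for p in ("hi", "hideme", "hello", ".hidden"):
        print(f"hide_file={hide} {p}: {'hidden' if path_matches(hide, p) else 'listed'}")
```

Note that the substring rule makes a pattern such as .private also match x.private.bak, and that nothing here follows symbolic or hard links: as the page says, every alternate name of a file needs its own denial, which is why the filesystem permissions remain the real control.
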
       listen_address
              If vsftpd is in standalone mode, the default listen address
              (of all local interfaces) may be overridden by this setting.
              Provide a numeric IP address.

              Default: (none)

       listen_address6
              Like listen_address, but specifies a default listen address
              for the IPv6 listener (which is used if listen_ipv6 is set).
              Format is standard IPv6 address format.

              Default: (none)

       local_root
              This option represents a directory which vsftpd will try to
              change into after a local (i.e. non-anonymous) login.
              Failure is silently ignored.

              Default: (none)

       message_file
              This option is the name of the file we look for when a new
              directory is entered. The contents are displayed to the
              remote user. This option is only relevant if the option
              dirmessage_enable is enabled.

              Default: .message

       nopriv_user
              This is the name of the user that is used by vsftpd when it
              wants to be totally unprivileged. Note that this should be a
              dedicated user, rather than nobody. The user nobody tends to
              be used for rather a lot of important things on most
              machines.

              Default: nobody

       pam_service_name
              This string is the name of the PAM service vsftpd will use.

              Default: ftp

       pasv_address
              Use this option to override the IP address that vsftpd will
              advertise in response to the PASV command. Provide a numeric
              IP address, unless pasv_addr_resolve is enabled, in which
              case you can provide a hostname which will be DNS resolved
              for you at startup.

              Default: (none - the address is taken from the incoming
              connected socket)

       rsa_cert_file
              This option specifies the location of the RSA certificate to
              use for SSL encrypted connections.

              Default: /usr/share/ssl/certs/vsftpd.pem

       rsa_private_key_file
              This option specifies the location of the RSA private key to
              use for SSL encrypted connections. If this option is not
              set, the private key is expected to be in the same file as
              the certificate.

              Default: (none)

       secure_chroot_dir
              This option should be the name of a directory which is
              empty. Also, the directory should not be writable by the ftp
              user. This directory is used as a secure chroot() jail at
              times vsftpd does not require filesystem access.

              Default: /usr/share/empty

       ssl_ciphers
              This option can be used to select which SSL ciphers vsftpd
              will allow for encrypted SSL connections. See the ciphers
              man page for further details. Note that restricting ciphers
              can be a useful security precaution as it prevents malicious
              remote parties forcing a cipher which they have found
              problems with.

              By default, the system-wide crypto policy is used. See
              update-crypto-policies(8) for further details.

              Default: PROFILE=SYSTEM

       user_config_dir
              This powerful option allows the override of any config
              option specified in the manual page, on a per-user basis.
              Usage is simple, and is best illustrated with an example. If
              you set user_config_dir to be /etc/vsftpd/user_conf and then
              log on as the user "chris", then vsftpd will apply the
              settings in the file /etc/vsftpd/user_conf/chris for the
              duration of the session. The format of this file is as
              detailed in this manual page! PLEASE NOTE that not all
              settings are effective on a per-user basis. For example,
              many settings only take effect prior to the user's session
              being started. Examples of settings which will not affect
              any behaviour on a per-user basis include listen_address,
              banner_file, max_per_ip, max_clients, xferlog_file, etc.

              Default: (none)

       user_sub_token
              This option is useful in conjunction with virtual users. It
              is used to automatically generate a home directory for each
              virtual user, based on a template. For example, if the home
              directory of the real user specified via guest_username is
              /home/virtual/$USER, and user_sub_token is set to $USER,
              then when virtual user fred logs in, he will end up (usually
              chroot()'ed) in the directory /home/virtual/fred. This
              option also takes effect if local_root contains
              user_sub_token.

              Default: (none)

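The user_config_dir and user_sub_token entries above describe two layers on top of the main file: a per-user override file, and a template substitution in the home directory or local_root. The following is an added example, not vsftpd's own code: it parses the option=value format this manual describes, applies a per-user file the way user_config_dir is explained (leaving alone the options the page lists as not effective per user), and expands user_sub_token for the virtual user fred from the page's example. Both config texts are constructed for the example, the set of not-per-user options is taken from the page's illustrative list and is therefore not exhaustive, and the helper names are assumed.

```python
"""Per-user overrides (user_config_dir) and home-directory templating
(user_sub_token) on top of a main vsftpd.conf.

Added example, not vsftpd's own code; it follows the descriptions in this
manual page. Sample configs are constructed; helper names are assumed.
"""
from typing import Dict, Optional

# Options the page names as having no per-user effect (its list is
# illustrative, so this set is an assumption, not exhaustive).
NOT_PER_USER = {"listen_address", "banner_file", "max_per_ip",
                "max_clients", "xferlog_file"}

MAIN_CONF = """\
# constructed sample main config
guest_enable=YES
guest_username=virtual
user_sub_token=$USER
local_root=/home/virtual/$USER
user_config_dir=/etc/vsftpd/user_conf
write_enable=NO
max_clients=2000
"""

CHRIS_CONF = """\
# constructed sample per-user file, /etc/vsftpd/user_conf/chris
write_enable=YES
max_clients=5
"""


def is_valid_directive(line: str) -> bool:
    """option=value with no space in the option or around '=' (see FORMAT)."""
    option, sep, value = line.partition("=")
    return bool(sep and option and " " not in option
                and not value.startswith(" "))


def parse_conf(text: str) -> Dict[str, str]:
    """Parse vsftpd.conf text: blank and '#' lines are ignored, every
    other line must be a directive."""
    conf: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if not is_valid_directive(line):
            raise ValueError(f"malformed directive: {raw!r}")
        option, _, value = line.partition("=")
        conf[option] = value
    return conf


def user_config_path(conf: Dict[str, str], user: str) -> Optional[str]:
    """Where vsftpd would look for this user's override file."""
    directory = conf.get("user_config_dir")
    return f"{directory}/{user}" if directory else None


def effective_conf(main: Dict[str, str],
                   per_user: Optional[Dict[str, str]]) -> Dict[str, str]:
    """Main config with per-user overrides applied; options that only
    act before the session starts keep their main-config value."""
    conf = dict(main)
    for option, value in (per_user or {}).items():
        if option not in NOT_PER_USER:
            conf[option] = value
    return conf


def session_root(conf: Dict[str, str], user: str, guest_home: str) -> str:
    """Directory the session starts in: local_root if set, otherwise the
    guest user's home directory, with user_sub_token replaced by the
    virtual user's name in either case."""
    template = conf.get("local_root") or guest_home
    token = conf.get("user_sub_token")
    return template.replace(token, user) if token else template


if __name__ == "__main__":
    main = parse_conf(MAIN_CONF)
    chris = effective_conf(main, parse_conf(CHRIS_CONF))
    print(user_config_path(main, "chris"))                   # /etc/vsftpd/user_conf/chris
    print(chris["write_enable"], chris["max_clients"])       # YES 2000
    print(session_root(chris, "chris", "/home/virtual/$USER"))  # /home/virtual/chris
    print(session_root(main, "fred", "/home/virtual/$USER"))    # /home/virtual/fred
```

The per-user file flips write_enable for chris, while its max_clients=5 line is ignored because that limit is enforced before any session exists; a review of a user_config_dir tree should therefore treat write_enable and similar session-scoped options as the ones that matter.
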
       userlist_file
              This option is the name of the file loaded when the
              userlist_enable option is active.

              Default: /etc/vsftpd/user_list

       vsftpd_log_file
              This option is the name of the file to which we write the
              vsftpd style log file. This log is only written if the
              option xferlog_enable is set, and xferlog_std_format is NOT
              set. Alternatively, it is written if you have set the option
              dual_log_enable. One further complication - if you have set
              syslog_enable, then this file is not written and output is
              sent to the system log instead.

              Default: /var/log/vsftpd.log

       xferlog_file
              This option is the name of the file to which we write the
              wu-ftpd style transfer log. The transfer log is only written
              if the option xferlog_enable is set, along with
              xferlog_std_format. Alternatively, it is written if you have
              set the option dual_log_enable.

              Default: /var/log/xferlog


AUTHOR

       scarybeasts@gmail.com